import jcifs.internal.smb2.Smb2Constants;
import jcifs.internal.util.SMBUtil;

/**
 * SMB2 Session Setup request message. This command is used to establish a security session
 * and authenticate a user to the server.
 *
 * @author mbechler
 *
 */
public class Smb2SessionSetupRequest extends ServerMessageBlock2Request<Smb2SessionSetupResponse> {

    private final byte[] token;

    response = client.get("/users/me")
    assert response.status_code == 401, response.text
    assert response.json() == {"detail": "Not authenticated"}
    assert response.headers["WWW-Authenticate"] == "Bearer"


def test_strict_login_no_data():
    response = client.post("/login")
    assert response.status_code == 422
    assert response.json() == {
        "detail": [
            {

	if err != nil {
		log.Fatalln(err)
	}

	err = madmClnt.ServiceRestart(context.Background())
	if err != nil {
		log.Fatalln(err)
	}

	// Use generated credentials to authenticate with MinIO server
	minioClient, err := minio.New(stsEndpointURL.Host, opts)
	if err != nil {
		log.Fatalf("Error initializing client: %v", err)
	}

	// Use minIO Client object normally like the regular client.

	}

	cert, ok := clientKey.(*ssh.Certificate)
	if !ok {
		return errSftpPublicKeyWithoutCert
	}

	// ssh.CheckCert called by ssh.Authenticate accepts certificates
	// with empty principles list so we block those in here.
	if len(cert.ValidPrincipals) == 0 {
		return errSftpCertWithoutPrincipals
	}

     */
    @Size(max = 10)
    public String appendQueryParameter;

    /**
     * Enable or disable login requirement for search access.
     * When enabled, users must authenticate before performing searches.
     */
    @Size(max = 10)
    public String loginRequired;

    /**
     * Enable or disable result collapsing for similar documents.

Bu exception içinde, gerekiyorsa, gerekli scope'ları boşlukla ayrılmış bir string olarak (`scope_str` ile) ekliyoruz. Bu scope'ları içeren string'i `WWW-Authenticate` header'ına koyuyoruz (spesifikasyonun bir parçası).

{* ../../docs_src/security/tutorial005_an_py310.py hl[106,108:116] *}

## `username` ve veri şeklinin doğrulanması { #verify-the-username-and-data-shape }

    /**
     * Create an NtlmPasswordAuthentication object from domain, username, and password.
     *
     * @param domain the authentication domain
     * @param username the username to authenticate with
     * @param password the password to authenticate with
     */
    public NtlmPasswordAuthentication(String domain, String username, final String password) {
        int ci;

        if (username != null) {

        HttpURLConnection.HTTP_OK -> {
          return null
        }

        HttpURLConnection.HTTP_PROXY_AUTH -> {
          nextRequest = route.address.proxyAuthenticator.authenticate(route, response)
            ?: throw IOException("Failed to authenticate with proxy")

          if ("close".equals(response.header("Connection"), ignoreCase = true)) {
            return nextRequest
          }
        }

        else -> {

                ;
            }
        }
        String authHeader;
        if (response == HTTP_UNAUTHORIZED) {
            authHeader = "WWW-Authenticate";
            authProperty = "Authorization";
        } else {
            authHeader = "Proxy-Authenticate";
            authProperty = "Proxy-Authorization";
        }
        String authorization = null;

///

Create a utility function to hash a password coming from the user.

And another utility to verify if a received password matches the hash stored.

And another one to authenticate and return a user.

{* ../../docs_src/security/tutorial004_an_py310.py hl[8,49,51,58:59,62:63,72:79] *}