},

	// Issue 19989: two spaces between HTTP version and status.
	{
		"HTTP/1.0  401 Unauthorized\r\n" +
			"Content-type: text/html\r\n" +
			"WWW-Authenticate: Basic realm=\"\"\r\n\r\n" +
			"Your Authentication failed.\r\n",
		Response{
			Status:     "401 Unauthorized",
			StatusCode: 401,
			Proto:      "HTTP/1.0",
			ProtoMajor: 1,
			ProtoMinor: 0,
			Request:    dummyReq("GET"),

    ```

!!! info
    Der zusätzliche Header `WWW-Authenticate` mit dem Wert `Bearer`, den wir hier zurückgeben, ist ebenfalls Teil der Spezifikation.

    Jeder HTTP-(Fehler-)Statuscode 401 „UNAUTHORIZED“ soll auch einen `WWW-Authenticate`-Header zurückgeben.

    Im Fall von Bearer-Tokens (in unserem Fall) sollte der Wert dieses Headers `Bearer` lauten.

                }
              }
            },
            "description": "OK"
          },
          "401": {
            "description": "Unauthorized"
          }
        },
        "tags": [
          "batch_v1"
        ]
      }
    },
    "/apis/batch/v1/cronjobs": {
      "get": {

                }
              }
            },
            "description": "OK"
          },
          "401": {
            "description": "Unauthorized"
          }
        },
        "tags": [
          "authentication_v1beta1"
        ]
      }
    },
    "/apis/authentication.k8s.io/v1beta1/selfsubjectreviews": {
      "parameters": [

			matchAgainst: fmt.Errorf("no entry %s", "here"),
		},
		{
			name:         "match via .Is()",
			err:          aggregate{errors.New("forbidden"), alwaysMatchingError{}},
			matchAgainst: errors.New("unauthorized"),
			expectMatch:  true,
		},
		{
			name:         "match via equality",
			err:          aggregate{errors.New("err"), someError{}},
			matchAgainst: someError{},
			expectMatch:  true,
		},
		{

    ```

!!! info
    The additional header `WWW-Authenticate` with value `Bearer` we are returning here is also part of the spec.

    Any HTTP (error) status code 401 "UNAUTHORIZED" is supposed to also return a `WWW-Authenticate` header.

    In the case of bearer tokens (our case), the value of that header should be `Bearer`.

    You can actually skip that extra header and it would still work.

    if [[ -n "${GCP_AUTHZ_CACHE_AUTHORIZED_TTL:-}" ]]; then
      params+=" --authorization-webhook-cache-authorized-ttl=${GCP_AUTHZ_CACHE_AUTHORIZED_TTL}"
    fi
    if [[ -n "${GCP_AUTHZ_CACHE_UNAUTHORIZED_TTL:-}" ]]; then
      params+=" --authorization-webhook-cache-unauthorized-ttl=${GCP_AUTHZ_CACHE_UNAUTHORIZED_TTL}"
    fi
  fi
  authorization_mode="Node,${authorization_mode}"

        failure.assertHasCause('Failed to publish publication \'ivy\' to repository \'ivy\'')
        failure.assertThatCause(CoreMatchers.containsString('Received status code 401 from server: Unauthorized'))

        where:
        authScheme        | credsName | creds
        AuthScheme.BASIC  | 'empty'   | null
        AuthScheme.DIGEST | 'empty'   | null
        AuthScheme.NTLM   | 'empty'   | null

    ```Python hl_lines="55-64  67-70  88"
    {!> ../../../docs_src/security/tutorial003_py310.py!}
    ```

!!! 정보
    여기서 반환하는 값이 `Bearer`인 추가 헤더 `WWW-Authenticate`도 사양의 일부입니다.

    모든 HTTP(오류) 상태 코드 401 "UNAUTHORIZED"는 `WWW-Authenticate` 헤더도 반환해야 합니다.

    베어러 토큰의 경우(지금의 경우) 해당 헤더의 값은 `Bearer`여야 합니다.

    실제로 추가 헤더를 건너뛸 수 있으며 여전히 작동합니다.

    그러나 여기에서는 사양을 준수하도록 제공됩니다.

		if err != nil {
			klog.ErrorS(err, "Unable to authenticate the request due to an error")
			resp.WriteErrorString(http.StatusUnauthorized, "Unauthorized")
			return
		}
		if !ok {
			resp.WriteErrorString(http.StatusUnauthorized, "Unauthorized")
			return
		}

		// Get authorization attributes
		attrs := s.auth.GetRequestAttributes(info.User, req.Request)

		// Authorize