OPA is enabled through MinIO's Access Management Plugin feature.

## Get started

### 1. Start OPA in a container

```sh
podman run -it \
    --name opa \
    --publish 8181:8181 \
    docker.io/openpolicyagent/opa:0.40.0-rootless \

                    this.handle = this.pipe.openUnshared(this.openFlags, this.access, this.sharing, SmbConstants.ATTR_NORMAL, 0);
                } else {
                    // at least on samba, SmbComOpenAndX fails without the pipe prefix
                    this.handle = this.pipe.openUnshared("\\pipe" + getUncPath(), this.openFlags, this.access, this.sharing,
                            SmbConstants.ATTR_NORMAL, 0);
                }

 * It handles file access, directory listing, and access control entries (ACEs) processing.
 * </p>
 *
 * <p>
 * The class provides methods to:
 * </p>
 * <ul>
 *   <li>Initialize the client with SMB authentication details.</li>
 *   <li>Retrieve content and metadata from SMB files.</li>
 *   <li>Process access control entries to determine allowed and denied SIDs (Security Identifiers).</li>

/**
 * Registry for extensible enum values that allows looking up enum instances by their identifiers.
 * <p>
 * This service provides access to all registered instances of a specific extensible enum type.
 * It's used internally by Maven and can also be used by plugins and extensions to access
 * custom enum values that have been registered through SPI providers.
 *
 * @param <T> the specific type of extensible enum managed by this registry

import org.lastaflute.web.response.render.RenderData;
import org.lastaflute.web.ruts.process.ActionRuntime;

import jakarta.annotation.Resource;

/**
 * Admin action for Access Token management.
 * This class provides CRUD operations for access tokens.
 *
 */
public class AdminAccesstokenAction extends FessAdminAction {

    /**
     * Default constructor.
     */
    public AdminAccesstokenAction() {

 */

public class SmbFileOutputStream extends OutputStream {

    private final SmbFile file;
    private final boolean append, useNTSmbs;
    private int openFlags;
    private final int access;
    private final int writeSize;
    private long fp;
    private byte[] tmp = new byte[1];
    private SmbComWriteAndX reqx;
    private SmbComWriteAndXResponse rspx;
    private SmbComWrite req;

                throw new IOException("Failed to access " + url, e);
            }
        }

        /**
         * Gets the object statistics from the storage service.
         * This method caches the response to avoid repeated calls.
         *
         * @return The object statistics response
         * @throws InvalidKeyException If the access key is invalid

     * @param access the desired access rights
     * @param shareAccess the share access mode
     * @param extFileAttributes the extended file attributes
     * @param createOptions the create options
     * @param andx the next command in the chain
     */
    public SmbComNTCreateAndX(final Configuration config, final String name, final int flags, final int access, final int shareAccess,

        .url("https://square.com")
        .build()
    assertThat(request.tag<Any>()).isNull()
    assertThat(request.tag(Any::class)).isNull()
    assertThat(request.tag(String::class)).isNull()

    // Alternate access APIs also work.
    assertThat(request.tag<String>()).isNull()
    assertThat(request.tag(String::class)).isNull()
  }

  @Test
  fun defaultTag() {
    val tag = "1234"
    val request =

MinIO supports multiple long term users in addition to default user created during server startup. New users can be added after server starts up, and server can be configured to deny or allow access to buckets and resources to each of these users. This document explains how to add/remove users and modify their access rights.

## Get started

In this document we will explain in detail on how to configure multiple users.

### 1. Prerequisites