if err != nil {
			os.Remove(privateKey)
			t.Fatalf("Test %d: failed to create tmp certificate file: %v", i, err)
		}

		if testCase.password != "" {
			t.Setenv(EnvCertPassword, testCase.password)
		}
		_, err = LoadX509KeyPair(certificate, privateKey)
		if err != nil && !testCase.shouldFail {
			t.Errorf("Test %d: test should succeed but it failed: %v", i, err)
		}

		`Root user name (access key) and root password (secret key) are expected to be specified via environment variables MINIO_ROOT_USER and MINIO_ROOT_PASSWORD respectively`,
	)

	ErrMissingEnvCredentialRootPassword = newErrFn(
		"Missing credential environment variable, \""+EnvRootPassword+"\"",
		"Environment variable \""+EnvRootPassword+"\" is missing",

    }

    @Test
    @DisplayName("handle: empty user/domain edge yields '@' and null password")
    void testHandleWithEmptyUserAndDomainEdge() throws Exception {
        // Default constructor results in empty strings for user and domain, null for password
        JAASAuthenticator auth = new JAASAuthenticator();
        NameCallback nc = new NameCallback("user:");

errors.blank_password = Password is required.
errors.password_length = Password must be at least {0} characters long.
errors.password_no_uppercase = Password must contain at least one uppercase letter.
errors.password_no_lowercase = Password must contain at least one lowercase letter.
errors.password_no_digit = Password must contain at least one digit.
errors.password_no_special_char = Password must contain at least one special character.

errors.blank_password = Password is required.
errors.password_length = Password must be at least {0} characters long.
errors.password_no_uppercase = Password must contain at least one uppercase letter.
errors.password_no_lowercase = Password must contain at least one lowercase letter.
errors.password_no_digit = Password must contain at least one digit.
errors.password_no_special_char = Password must contain at least one special character.

		// More than maxConfigSize bytes were available
		writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(ErrAdminConfigTooLarge), r.URL)
		return
	}

	password := cred.SecretKey
	kvBytes, err := madmin.DecryptData(password, io.LimitReader(r.Body, r.ContentLength))
	if err != nil {
		adminLogIf(ctx, err)
		writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(ErrAdminConfigBadJSON), r.URL)
		return
	}

          keystorePassword 'keystore-password'
        }
      }
      project.tasks.withType(Test).configureEach { Test task ->
        dependsOn 'fipsResources'
        task.systemProperty('javax.net.ssl.trustStorePassword', 'password')
        task.systemProperty('javax.net.ssl.keyStorePassword', 'password')
        task.systemProperty('javax.net.ssl.trustStoreType', 'BCFKS')

	Endpoint   string
	rootCAs    *x509.CertPool
	username   string
	password   string
}

// OperatorOption - functional options pattern style for OperatorDNS
type OperatorOption func(*OperatorDNS)

// Authentication - custom username and password for authenticating at the endpoint
func Authentication(username, password string) OperatorOption {
	return func(args *OperatorDNS) {
		args.username = username

///

點擊後會跳出一個小視窗，讓你輸入 `username` 與 `password`（以及其他可選欄位）：

<img src="/img/tutorial/security/image02.png">

/// note | 注意

不管你在表單輸入什麼，現在都還不會成功；等等我們會把它完成。

///

這當然不是給最終使用者用的前端，但它是用來互動式文件化整個 API 的極佳自動化工具。

前端團隊（也可能就是你）可以使用它。

第三方應用或系統也能使用它。

你也能用它來除錯、檢查與測試同一個應用。

## `password` 流程 { #the-password-flow }

現在回頭理解剛剛那些是什麼。

在 OAuth2 中，`password` 是處理安全與身分驗證的其中一種「流程」（flow）。

	}

	if err := DB.Model(&data).Update("password", EncryptedData("xnewpass")).Error; err == nil {
		t.Errorf("Should failed to update data with invalid data")
	}

	if err := DB.Model(&data).Update("password", EncryptedData("newpass")).Error; err != nil {
		t.Errorf("Should got no error update data with valid data, but got %v", err)
	}

	AssertEqual(t, data.Password, EncryptedData("newpass"))
}