Then we can use `secrets.compare_digest()` to ensure that `credentials.username` is `"stanleyjobson"`, and that `credentials.password` is `"swordfish"`.

{* ../../docs_src/security/tutorial007_an_py39.py hl[1,12:24] *}

This would be similar to:

```Python
if not (credentials.username == "stanleyjobson") or not (credentials.password == "swordfish"):
    # Return some error
    ...
```

	if len(authFields) != 2 {
		return auth.Credentials{}, false, ErrMissingFields
	}

	// Then will be splitting on ":", this will separate `AWSAccessKeyId` and `Signature` string.
	keySignFields := strings.Split(strings.TrimSpace(authFields[1]), ":")
	if len(keySignFields) != 2 {
		return auth.Credentials{}, false, ErrMissingFields
	}

	return checkKeyValid(r, keySignFields[0])
}

		{
			bucketName:         bucketName,
			accessKey:          credentials.AccessKey,
			secretKey:          credentials.SecretKey,
			expectedRespStatus: http.StatusNoContent,
		},
		// Test case - 2.
		// Case with non-existent-bucket.
		{
			bucketName:         "non-existent-bucket",
			accessKey:          credentials.AccessKey,
			secretKey:          credentials.SecretKey,
			expectedRespStatus: http.StatusNotFound,
		},

		u, ok, err := globalIAMSys.CheckKey(r.Context(), accessKey)
		if err != nil {
			return auth.Credentials{}, false, ErrIAMNotInitialized
		}
		if !ok {
			// Credentials could be valid but disabled - return a different
			// error in such a scenario.
			if u.Credentials.Status == auth.AccountOff {
				return cred, false, ErrAccessKeyDisabled
			}
			return cred, false, ErrInvalidAccessKeyID

Luego podemos usar `secrets.compare_digest()` para asegurar que `credentials.username` es `"stanleyjobson"`, y que `credentials.password` es `"swordfish"`.

{* ../../docs_src/security/tutorial007_an_py39.py hl[1,12:24] *}

Esto sería similar a:

```Python
if not (credentials.username == "stanleyjobson") or not (credentials.password == "swordfish"):
    # Return some error
    ...
```

Dann können wir `secrets.compare_digest()` verwenden, um sicherzustellen, dass `credentials.username` `"stanleyjobson"` und `credentials.password` `"swordfish"` ist.

{* ../../docs_src/security/tutorial007_an_py39.py hl[1,12:24] *}

Dies wäre das gleiche wie:

```Python
if not (credentials.username == "stanleyjobson") or not (credentials.password == "swordfish"):
    # Einen Error zurückgeben
    ...
```

import jcifs.CIFSContext;
import jcifs.Configuration;
import jcifs.Credentials;

/**
 * Simple memory management tests to validate basic resource cleanup functionality
 */
public class SimpleMemoryManagementTest {

    private CIFSContext mockContext;
    private SmbTransportImpl mockTransport;
    private Configuration mockConfig;
    private Credentials mockCredentials;
    private CredentialsInternal mockCredentialsInternal;

    void setup() {
        // Base context configuration - always needed
        when(cifsContext.getConfig()).thenReturn(configuration);

        // Context and credentials wiring - used by most tests
        when(cifsContext.getCredentials()).thenReturn(credentials);
        when(credentials.unwrap(CredentialsInternal.class)).thenReturn(credentialsInternal);
        when(credentialsInternal.clone()).thenReturn(credentialsInternal);

    runs-on: ubuntu-latest

    if: github.repository == 'gradle/gradle'

    steps:
      - name: Checkout repository
        uses: actions/checkout@v5
      - name: configure aws credentials
        uses: aws-actions/configure-aws-credentials@v5
        with:
          role-to-assume: arn:aws:iam::992382829881:role/GHASecrets_gradle_all
          aws-region: "eu-central-1"
      - name: get secrets

  # ci/official/utilities/setup_docker.sh.
else
  # The volume mapping flag below shares the user's gcloud credentials, if any,
  # with the container, in case the user has credentials stored there.
  # This would allow Bazel to authenticate for RBE.
  # Note: TF's CI does not have any credentials stored there.
  TFCI_DOCKER_ARGS="$TFCI_DOCKER_ARGS -v $HOME/.config/gcloud:/root/.config/gcloud"