}).orElse(() -> {
                throw new FessUserNotFoundException(username);
            });
        }

    }

    /**
     * Deletes a user from the system.
     * Removes the user from both the authentication manager and the database.
     *
     * @param user the user entity to delete
     */
    public void delete(final User user) {

        }
        return asJson(new ApiResult.ApiUpdateResponse().id(entity.getId()).created(false).status(ApiResult.Status.OK).result());
    }

    // DELETE /api/admin/group/setting/{id}
    /**
     * Deletes a specific group setting.
     * Prevents deletion of the currently logged-in user's group for security.
     *
     * @param id the group setting ID to delete
     * @return JSON response with deletion status
     */

            return null;
        });
        return asJson(new ApiUpdateResponse().id(boostDoc.getId()).created(false).status(Status.OK).result());
    }

    /**
     * Deletes a boost document rule setting by ID.
     *
     * @param id the ID of the boost document rule to delete
     * @return JSON response indicating the deletion status
     */
    // DELETE /api/admin/boostdoc/setting/{id}

Neste ponto, ao perceber que o servidor demorou alguns microssegundos a mais para enviar o retorno "Usuário ou senha incorretos", os invasores irão saber que eles acertaram _alguma coisa_, algumas das letras iniciais estavam certas.

E eles podem tentar de novo sabendo que provavelmente é algo mais parecido com `stanleyjobsox` do que com `johndoe`.

#### Um ataque "profissional"

//
// Size parameter set to 0 makes cache of unlimited size, e.g. turns LRU mechanism off.
//
// Providing 0 TTL turns expiring off.
//
// Delete expired entries every 1/100th of ttl value. Goroutine which deletes expired entries runs indefinitely.
func NewLRU[K comparable, V any](size int, onEvict EvictCallback[K, V], ttl time.Duration) *LRU[K, V] {
	if size < 0 {
		size = 0
	}
	if ttl <= 0 {
		ttl = noEvictionTTL
	}

  }

  public void testToArray_threadSafe() {
    for (int delta : new int[] {+1, 0, -1}) {
      for (int i = 0; i < VALUES.length; i++) {
        List<Double> list = Doubles.asList(VALUES).subList(0, i);
        Collection<Double> misleadingSize = Helpers.misleadingSizeCollection(delta);
        misleadingSize.addAll(list);
        double[] arr = Doubles.toArray(misleadingSize);

  }

  public void testToArray_threadSafe() {
    for (int delta : new int[] {+1, 0, -1}) {
      for (int i = 0; i < VALUES.length; i++) {
        List<Long> list = Longs.asList(VALUES).subList(0, i);
        Collection<Long> misleadingSize = Helpers.misleadingSizeCollection(delta);
        misleadingSize.addAll(list);
        long[] arr = Longs.toArray(misleadingSize);

  }

  public void testToArray_threadSafe() {
    for (int delta : new int[] {+1, 0, -1}) {
      for (int i = 0; i < VALUES.length; i++) {
        List<Short> list = Shorts.asList(VALUES).subList(0, i);
        Collection<Short> misleadingSize = Helpers.misleadingSizeCollection(delta);
        misleadingSize.addAll(list);
        short[] arr = Shorts.toArray(misleadingSize);

        return asJson(
                new ApiResult.ApiUpdateResponse().id(String.valueOf(entity.getId())).created(false).status(ApiResult.Status.OK).result());
    }

    /**
     * Deletes a stopwords dictionary item by ID.
     *
     * @param dictId the dictionary ID
     * @param id the ID of the stopwords item to delete
     * @return JSON response indicating the deletion status
     */

            throwValidationError(messages -> messages.addErrorsCrudFailedToCreateInstance(GLOBAL), this::asEditHtml);
        });
        return redirect(getClass());
    }

    /**
     * Deletes a role item.
     *
     * @param form the edit form containing the ID of the item to delete
     * @return HTML response redirecting to the list page after deletion
     */
    @Execute
    @Secured({ ROLE })