for LDAP password, etc ## The key in the secret must be 'config.env' ## # extraSecret: minio-extraenv ## OpenID Identity Management ## The following section documents environment variables for enabling external identity management using an OpenID Connect (OIDC)-compatible provider. ## See https://min.io/docs/minio/linux/operations/external-iam/configure-openid-external-identity-management.html for a tutorial on using these variables. oidc: enabled: false configUrl: "https://identity-provider-url/...

can be useful for LDAP password, etc ## The key in the secret must be 'config.env' ## extraSecret: ~ ## OpenID Identity Management ## The following section documents environment variables for enabling external identity management using an OpenID Connect (OIDC)-compatible provider. ## See https://min.io/docs/minio/linux/operations/external-iam/configure-openid-external-identity-management.html for a tutorial on using these variables. oidc: enabled: false configUrl: "https://identity-provider-url/...

can be useful for LDAP password, etc ## The key in the secret must be 'config.env' ## extraSecret: ~ ## OpenID Identity Management ## The following section documents environment variables for enabling external identity management using an OpenID Connect (OIDC)-compatible provider. ## See https://min.io/docs/minio/linux/operations/external-iam/configure-openid-external-identity-management.html for a tutorial on using these variables. oidc: enabled: false configUrl: "https://identity-provider-url/...

for LDAP password, etc ## The key in the secret must be 'config.env' ## # extraSecret: minio-extraenv ## OpenID Identity Management ## The following section documents environment variables for enabling external identity management using an OpenID Connect (OIDC)-compatible provider. ## See https://docs.min.io/minio/baremetal/security/openid-external-identity-management/external-authentication-with-openid-identity-provider.html#minio-external-identity-management-openid for a tutorial on using these...

for LDAP password, etc ## The key in the secret must be 'config.env' ## # extraSecret: minio-extraenv ## OpenID Identity Management ## The following section documents environment variables for enabling external identity management using an OpenID Connect (OIDC)-compatible provider. ## See https://docs.min.io/minio/baremetal/security/openid-external-identity-management/external-authentication-with-openid-identity-provider.html#minio-external-identity-management-openid for a tutorial on using these...

    val connect1 = server.takeRequest()
    assertThat(connect1.requestLine).isEqualTo("CONNECT android.com:$port HTTP/1.1")
    assertThat(connect1.headers["Proxy-Authorization"]).isNull()

    val connect2 = server.takeRequest()
    assertThat(connect2.requestLine).isEqualTo("CONNECT android.com:$port HTTP/1.1")
    assertThat(connect2.headers["Proxy-Authorization"]).isEqualTo("password")

            this.handle.decode(_src);
            this.retval = _src.dec_ndr_long();
        }
    }

    /**
     * SAMR Connect4 operation for establishing a connection to the SAM database.
     * This is an enhanced version of Connect2 with additional parameters.
     */
    public static class SamrConnect4 extends DcerpcMessage {

        @Override
        public int getOpnum() {

            handle.decode(_src);
            retval = _src.dec_ndr_long();
        }
    }

    /**
     * SAMR Connect4 operation for establishing a connection to the SAM database.
     * This is an enhanced version of Connect2 with additional parameters.
     */
    public static class SamrConnect4 extends DcerpcMessage {

        @Override
        public int getOpnum() {

class CustomTrust {
  // PEM files for root certificates of Comodo and Entrust. These two CAs are sufficient to view
  // https://publicobject.com (Comodo) and https://squareup.com (Entrust). But they aren't
  // sufficient to connect to most HTTPS sites including https://godaddy.com and https://visa.com.
  // Typically developers will need to get a PEM file from their organization's TLS administrator.
  val comodoRsaCertificationAuthority =
    """

## Introduction

MinIO provides a custom STS API that allows authentication with client X.509 / TLS certificates.

A major advantage of certificate-based authentication compared to other STS authentication methods, like OpenID Connect or LDAP/AD, is that client authentication works without any additional/external component that must be constantly available. Therefore, certificate-based authentication may provide better availability / lower operational complexity.