.Builder()
        .add("WWW-Authenticate: Basic realm=\"protected area\"")
        .build()
    assertThat(headers.parseChallenges("WWW-Authenticate"))
      .isEqualTo(listOf(Challenge("Basic", mapOf("realm" to "protected area"))))
  }

  @Test fun basicChallengeWithCharset() {
    val headers =
      Headers
        .Builder()
        .add("WWW-Authenticate: Basic realm=\"protected area\", charset=\"UTF-8\"")

import org.codelibs.fess.opensearch.user.exentity.User;

/**
 * Manages authentication operations across multiple authentication chains.
 * This class coordinates user operations across different authentication providers.
 */
public class AuthenticationManager {
    /** Array of authentication chains to process user operations. */
    protected AuthenticationChain[] chains = {};

    /**

     */
    @Required
    @Size(max = 100)
    public String username;

    /**
     * The password for authentication.
     */
    @Size(max = 100)
    public String password;

    /**
     * Additional parameters for the authentication.
     */
    @Size(max = 1000)
    public String parameters;

    /**
     * The web configuration ID this authentication is associated with.

                        .status(ApiResult.Status.OK)
                        .result());
    }

    /**
     * Retrieves a specific web authentication setting by ID.
     *
     * @param id the ID of the web authentication setting to retrieve
     * @return JSON response containing the web authentication setting
     */
    // GET /api/admin/webauth/setting/{id}
    @Execute

import org.dbflute.optional.OptionalEntity;

import jakarta.annotation.Resource;

/**
 * Service class for managing web authentication configurations.
 * Provides CRUD operations for web authentication settings including
 * listing, retrieving, storing, and deleting authentication configurations.
 */
public class WebAuthenticationService {

    /**
     * Default constructor.
     */

import jakarta.validation.constraints.Size;

/**
 * Form class for editing web authentication configurations in the admin interface.
 * This form extends CreateForm to include fields necessary for updating existing web authentication entries,
 * including tracking information for optimistic locking and audit trails.
 * Web authentication configurations define credentials for accessing protected web resources during crawling.
 */

import org.lastaflute.web.response.JsonResponse;

import jakarta.annotation.Resource;

/**
 * API action for admin file authentication management.
 * Provides RESTful API endpoints for managing file authentication settings in the Fess search engine.
 * File authentication settings define access credentials and permissions for file-based crawling.
 *
 */
public class ApiAdminFileauthAction extends FessApiAdminAction {

したがって、エンドポイントでは、ユーザーが存在し、正しく認証され、かつアクティブである場合にのみ、ユーザーを取得します:

{* ../../docs_src/security/tutorial003_an_py310.py hl[58:66,69:74,94] *}

/// info | 情報

ここで返している値が `Bearer` の追加ヘッダー `WWW-Authenticate` も仕様の一部です。

HTTP（エラー）ステータスコード 401「UNAUTHORIZED」は、`WWW-Authenticate` ヘッダーも返すことになっています。

ベアラートークン（今回のケース）の場合、そのヘッダーの値は `Bearer` であるべきです。

実際のところ、この追加ヘッダーを省略しても動作はします。

しかし、仕様に準拠するためにここでは付与しています。

## OAuth2 { #oauth2 }

OAuth2, authentication ve authorization’ı yönetmek için çeşitli yöntemleri tanımlayan bir spesifikasyondur.

Oldukça kapsamlı bir spesifikasyondur ve birkaç karmaşık use case’i kapsar.

"Üçüncü taraf" kullanarak authentication yapmanın yollarını da içerir.

import jakarta.validation.constraints.Size;

/**
 * Form class for editing file authentication configurations in the admin interface.
 * This form extends CreateForm to include fields necessary for updating existing file authentication entries,
 * including tracking information for optimistic locking and audit trails.
 * File authentication configurations define access control for file system crawling operations.
 *
 */