// ===================================================================================
    //                                                                           Attribute
    //                                                                           =========
    /** createdBy */
    protected String createdBy;

    /** createdTime */
    protected Long createdTime;

    // ===================================================================================
    //                                                                           Attribute
    //                                                                           =========
    /** authRealm */
    protected String authRealm;

    /** createdBy */
    protected String createdBy;

```
~ mc admin config set myminio identity_openid config_url="http://CASDOOR_ENDPOINT/.well-known/openid-configuration" client_id=<client id> client_secret=<client secret> claim_name="tag"
```

> NOTE: As MinIO needs to use a claim attribute in JWT for its policy, you should configure it in casdoor as well. Currently, casdoor uses `tag` as a workaround for configuring MinIO's policy.

Once successfully set restart the MinIO instance.

```

    // ===================================================================================
    //                                                                           Attribute
    //                                                                           =========
    protected List<AbstractAggregationBuilder<?>> aggregationAggregationBuilderList;

    // ===================================================================================
    //                                                                           Attribute
    //                                                                           =========
    /** accessType */
    protected String accessType;

    /** clientIp */
    protected String clientIp;

    // ===================================================================================
    //                                                                           Attribute
    //                                                                           =========
    /** available */
    protected Boolean available;

    /** boost */
    protected Float boost;

    /** createdBy */

    // ===================================================================================
    //                                                                           Attribute
    //                                                                           =========
    /** available */
    protected Boolean available;

    /** crawler */
    protected Boolean crawler;

     * given user when the target object's ACL has local groups. Local groups
     * are not listed in a user's group membership (e.g. as represented by the
     * tokenGroups constructed attribute retrieved via LDAP).
     *
     * Domain groups nested inside a local group are currently not expanded. In
     * this case the key (SID) type will be SID_TYPE_DOM_GRP rather than
     * SID_TYPE_USER.
     *

import java.util.Map;

import javax.security.auth.kerberos.KerberosKey;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import jcifs.util.Hexdump;

/**
 * Privilege Attribute Certificate (PAC) decoder for Kerberos tickets.
 * Parses and validates PAC data structures containing user authorization information
 * from Active Directory Kerberos tickets.
 */
public class Pac {

     *
     * <p>The method uses secure XML parsing features to prevent XXE attacks and
     * other XML-based vulnerabilities. Component class names are extracted from
     * the 'class' attribute of 'component' elements in the XML files.</p>
     *
     * @return sorted list of data store class simple names discovered from plugins
     */
    protected List<String> loadDataStoreNameList() {