* Normally, a token is set to expire after some time.
        * So, the user will have to log in again at some point later.
        * And if the token is stolen, the risk is less. It is not like a permanent key that will work forever (in most of the cases).
* The frontend stores that token temporarily somewhere.

    // ============================================================

    /** Property key for user information configuration. */
    public static final String USER_INFO_PROPERTY = "user.info";

    /** Property key for user favorite functionality configuration. */
    public static final String USER_FAVORITE_PROPERTY = "user.favorite";

    /** Property key for search log configuration. */

 */
package org.codelibs.fess.app.web.base.login;

/**
 * Interface for Fess credential management.
 * Provides access to user identification information.
 */
public interface FessCredential {

    /**
     * Gets the user ID for this credential.
     * @return The user ID.
     */
    String getUserId();

        }
        return null;
    }

    /**
     * Performs logout operations for the specified user using SSO.
     *
     * @param user The user to logout
     * @return The logout URL from the SSO authenticator, or null if SSO is not available
     */
    public String logout(final FessUserBean user) {
        if (available()) {
            final SsoAuthenticator authenticator = getAuthenticator();

/**
 * The reason why a cached entry was removed.
 *
 * @author Charles Fry
 * @since 10.0
 */
@GwtCompatible
public enum RemovalCause {
  /**
   * The entry was manually removed by the user. This can result from the user invoking {@link
   * Cache#invalidate}, {@link Cache#invalidateAll(Iterable)}, {@link Cache#invalidateAll()}, {@link
   * Map#remove}, {@link ConcurrentMap#remove}, or {@link Iterator#remove}.
   */
  EXPLICIT {

    public String getEntityTypeName() {
        return "org.codelibs.fess.opensearch.user.exentity.Group";
    }

    @Override
    public String getConditionBeanTypeName() {
        return "org.codelibs.fess.opensearch.user.cbean.GroupCB";
    }

    @Override
    public String getBehaviorTypeName() {
        return "org.codelibs.fess.opensearch.user.exbhv.GroupBhv";
    }

import org.codelibs.fess.opensearch.user.exentity.Group;
import org.codelibs.fess.opensearch.user.exentity.User;
import org.lastaflute.web.Execute;
import org.lastaflute.web.response.JsonResponse;

import jakarta.annotation.Resource;

/**
 * API action for admin group management.
 * Provides RESTful API endpoints for managing user group settings in the Fess search engine.

 */
package org.codelibs.fess.app.web.api.admin.user;

import org.codelibs.fess.app.web.api.admin.BaseSearchBody;

/**
 * Search request body for user administration API.
 */
public class SearchBody extends BaseSearchBody {

    /**
     * Default constructor.
     */
    public SearchBody() {
        super();
    }

    /** User ID */
    public String id;

An example could be that you have an external authentication provider that you need to call.

You send it a token and it returns an authenticated user.

This provider might be charging you per request, and calling it might take some extra time than if you had a fixed mock user for tests.

You probably want to test the external provider once, but not necessarily call it for every test that runs.

        runtime.registerData("adminUser",
                fessConfig.isAdminUser(username) || fessLoginAssist.getSavedUserBean()
                        .map(user -> user.hasRoles(fessConfig.getAuthenticationAdminRolesAsArray()))
                        .orElse(false));

        runtime.registerData("pageLoginLink", fessConfig.isLoginLinkEnabled());
    }