adding an OwnerReference

A vulnerability exists in the NodeRestriction admission controller where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently deleted, the given node object will be deleted via garbage collection. By default, node users are authorized for create and patch requests but not delete requests against their node object. Since the NodeRestriction...

   * other {@code ClassValue} entries for the exception type to be tested. This lets us evaluate
   * whether our solution scales to use with multiple exception types and to whether it is affected
   * by other {@code ClassValue} users. Some of the benchmarked implementations don't use one or
   * both of these mechanisms, so they will be unaffected.
   */
  @Param({"0", "1", "12"})
  int otherEntriesInDataStructure;

    # - - - - - - - - - -/

    # /- - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    # o additionalUserMap: (NotRequired - Default map:{})
    #  You can set additional users.
    #  Elements of this map are as below:
    #   o key of map: User Definition Name (userDefName)
    #   o url: (NotRequired - Default same as one of main schema)

import org.lastaflute.web.response.StreamResponse;

import jakarta.annotation.Resource;

/**
 * Action class for handling document redirection requests.
 * This action processes "go" requests that redirect users to specific documents
 * while tracking click events and handling various URL types including file system paths.
 */
public class GoAction extends FessSearchAction {

    /**
     * Default constructor for GoAction.

MINIO_IDENTITY_PLUGIN_AUTH_TOKEN    (string)    authorization token for plugin hook endpoint
MINIO_IDENTITY_PLUGIN_ROLE_POLICY*  (string)    policies to apply for plugin authorized users
MINIO_IDENTITY_PLUGIN_ROLE_ID       (string)    unique ID to generate the ARN
MINIO_IDENTITY_PLUGIN_COMMENT       (sentence)  optionally add a comment to this setting
```

Após autenticar no sistema, você verá assim:

<img src="/img/tutorial/security/image05.png">

### Obtenha seus próprios dados de usuário

Agora use a operação `GET` com o caminho `/users/me`.

Você obterá os dados do seu usuário, como:

```JSON
{
  "username": "johndoe",
  "email": "******@****.***",
  "full_name": "John Doe",
  "disabled": false,

          // getDeclaredField to throw a NoSuchFieldException when the field is definitely there.
          // For these users fallback to a suboptimal implementation, based on synchronized. This
          // will be a definite performance hit to those users.
          thrownAtomicReferenceFieldUpdaterFailure = atomicReferenceFieldUpdaterFailure;
          helper = new SynchronizedHelper();
        }
      }

  -v D:\data:/data \
  quay.io/minio/minio server /data --console-address ":9001"
```

### Run MinIO Docker as a regular user

Docker provides standardized mechanisms to run docker containers as non-root users.

#### GNU/Linux and macOS (regular user)

On Linux and macOS you can use `--user` to run the container as regular user.

> NOTE: make sure --user has write permission to *${HOME}/data* prior to using `--user`.

 *       feed values to it as you get them, then call {@link StatsAccumulator#snapshot}.
 * </ul>
 *
 * <p>Static convenience methods called {@code meanOf} are also provided for users who wish to
 * calculate <i>only</i> the mean.
 *
 * <p><b>Java 8+ users:</b> If you are not using any of the variance statistics, you may wish to use
 * built-in JDK libraries instead of this class.
 *
 * @author Pete Gillin
 * @author Kevin Bourrillion

  </ResponseMetadata>
</AssumeRoleResponse>
```

## Using AssumeRole API

```
export MINIO_ROOT_USER=minio
export MINIO_ROOT_PASSWORD=minio123
minio server ~/test
```

Create new users following the multi-user guide [here](https://docs.min.io/community/minio-object-store/administration/identity-access-management.html)

### Testing an example with awscli tool