* the then same process is repeated for inherited ACEs.
 * <p>
 * For example, if user <code>WNET\alice</code> tries to open a file
 * with desired access bits <code>0x00000003</code> (<code>FILE_READ_DATA |
 * FILE_WRITE_DATA</code>) and the target file has the following security
 * descriptor ACEs:
 * <pre>
 * Allow WNET\alice     0x001200A9  Direct
 * Allow Administrators 0x001F01FF  Inherited
 * Allow SYSTEM         0x001F01FF  Inherited

 * the then same process is repeated for inherited ACEs.
 * <p>
 * For example, if user <code>WNET\alice</code> tries to open a file
 * with desired access bits <code>0x00000003</code> (<code>FILE_READ_DATA |
 * FILE_WRITE_DATA</code>) and the target file has the following security
 * descriptor ACEs:
 *
 * <pre>
 * Allow WNET\alice     0x001200A9  Direct
 * Allow Administrators 0x001F01FF  Inherited

    void clone_copiesFields() {
        Subject subj = new Subject();
        Kerb5Authenticator auth = new Kerb5Authenticator(subj, "DOM", "user", "pass");
        auth.setUser("alice");
        auth.setRealm("EXAMPLE.COM");
        auth.setService("cifs");
        auth.setUserLifeTime(123);
        auth.setLifeTime(456);
        auth.setForceFallback(true);

    class EqualityContract {

        @Test
        void equalsIgnoresCaseForName() {
            ASN1ObjectIdentifier oid = testOid();
            MIEName a = new MIEName(oid, "Alice");
            MIEName b = new MIEName(oid, "alice");
            assertEquals(a, b);
            assertEquals(a.hashCode(), b.hashCode());
        }

        @Test
        void equalsHandlesNullNames() {

	MaxValiditySeconds int                    `json:"maxValiditySeconds"`
	Claims             map[string]interface{} `json:"claims"`
}

var tokens map[string]Resp = map[string]Resp{
	"aaa": {
		User:               "Alice",
		MaxValiditySeconds: 3600,
		Claims: map[string]interface{}{
			"groups": []string{"data-science"},
		},
	},
	"bbb": {
		User:               "Bart",
		MaxValiditySeconds: 3600,

 * <code>S-1-5-21-1496946806-2192648263-3843101252-1029</code> but they may
 * also be resolved to yield the name of the associated Windows account
 * such as <code>Administrators</code> or <code>MYDOM\alice</code>.
 * <p>
 * Consider the following output of <code>examples/SidLookup.java</code>:
 *
 * <pre>
 *        toString: S-1-5-21-4133388617-793952518-2001621813-512
 * toDisplayString: WNET\Domain Admins

    assert response.json() == {"detail": "Not authenticated"}


def test_security_http_basic_invalid_username(client: TestClient):
    response = client.get("/users/me", auth=("alice", "swordfish"))
    assert response.status_code == 401, response.text
    assert response.json() == {"detail": "Incorrect username or password"}
    assert response.headers["WWW-Authenticate"] == "Basic"

    assert response.headers["WWW-Authenticate"] == "Bearer"


def test_inactive_user(client: TestClient):
    response = client.get("/users/me", headers={"Authorization": "Bearer alice"})
    assert response.status_code == 400, response.text
    assert response.json() == {"detail": "Inactive user"}


def test_openapi_schema(client: TestClient):
    response = client.get("/openapi.json")

            // First is a user
            names.names[0] = new lsarpc.LsarTranslatedName();
            names.names[0].sid_type = (short) jcifs.SID.SID_TYPE_USER;
            names.names[0].name = new UnicodeString("alice", false);
            names.names[0].sid_index = 0;
            // Second is a domain group
            names.names[1] = new lsarpc.LsarTranslatedName();
            names.names[1].sid_type = (short) jcifs.SID.SID_TYPE_DOM_GRP;

            // Example from ACE interface documentation: user WNET\\alice with 0x00000003 (FILE_READ_DATA | FILE_WRITE_DATA)
            int aliceDesiredAccess = ACE.FILE_READ_DATA | ACE.FILE_WRITE_DATA;
            assertEquals(0x00000003, aliceDesiredAccess, "Alice's desired access should be 0x00000003");

            // Direct ACE: Allow WNET\\alice 0x001200A9
            int aliceDirectACE = 0x001200A9;