public void tearDown() {
        if (rateLimiter != null) {
            rateLimiter.close();
        }
    }

    @Test
    public void testNormalAuthentication() throws Exception {
        // Normal authentication should be allowed
        assertTrue(rateLimiter.checkAttempt("user1", "192.168.1.1"), "First attempt should be allowed");

        // Record success
        rateLimiter.recordSuccess("user1", "192.168.1.1");

	req, err := newTestRequest(http.MethodPost, resource, 0, nil)
	if err != nil {
		return nil, err
	}

	// management REST API uses signature V4 for authentication.
	err = signRequestV4(req, cred.AccessKey, cred.SecretKey)
	if err != nil {
		return nil, err
	}
	return req, nil
}

// testServicesCmdHandler - parametrizes service subcommand tests on

        assertEquals(300L, config.getDfsTtl());
        assertFalse(config.isDfsConvertToFQDN());
        assertNull(config.getLogonShare());
    }

    @Test
    @DisplayName("Test authentication configuration getters")
    void testAuthenticationConfigurationGetters() {
        assertNull(config.getDefaultDomain());
        assertNull(config.getDefaultUsername());
        assertNull(config.getDefaultPassword());

   * This avoids sending potentially sensitive data like HTTP cookies to the proxy unencrypted.
   *
   * In order to support preemptive authentication we pass a fake "Auth Failed" response to the
   * authenticator. This gives the authenticator the option to customize the CONNECT request. It can
   * decline to do so by returning null, in which case OkHttp will use it as-is.

     */
    public static ThumbnailManager getThumbnailManager() {
        return getComponent(THUMBNAIL_MANAGER);
    }

    /**
     * Gets the authentication manager component.
     * @return The authentication manager.
     */
    public static AuthenticationManager getAuthenticationManager() {
        return getComponent(AUTHENTICATION_MANAGER);
    }

    /**

   */
  public fun useHttps(sslSocketFactory: SSLSocketFactory) {
    this.sslSocketFactory = sslSocketFactory
  }

  /**
   * Configure the server to not perform SSL authentication of the client. This leaves
   * authentication to another layer such as in an HTTP cookie or header. This is the default and
   * most common configuration.
   */
  public fun noClientAuth() {
    this.clientAuth = CLIENT_AUTH_NONE
  }

    client.networkInterceptors().add(loggingInterceptor);
    ```

    **Warning:** Avoid `Level.HEADERS` and `Level.BODY` in production because
    they could leak passwords and other authentication credentials to insecure
    logs.

 *  **WebSocket API now uses `RequestBody` and `ResponseBody` for messages.**
    This is a backwards-incompatible API change.

import org.codelibs.core.misc.Pair;
import org.codelibs.core.stream.StreamUtil;
import org.codelibs.fess.crawler.Constants;

/**
 * The FormScheme class implements the AuthScheme interface to provide
 * form-based authentication for HTTP clients. It handles the process of
 * obtaining a token and logging in using the provided credentials.
 *
 * <p>This class supports both GET and POST methods for token and login

import java.io.IOException;
import java.util.Date;

import jcifs.smb.SID;

/**
 * Contains user logon information from a PAC (Privilege Attribute Certificate).
 * This class parses and provides access to user authentication and authorization
 * data from Kerberos tickets, including user identity, group memberships, and
 * logon metadata.
 */
public class PacLogonInfo {

    private Date logonTime;
    private Date logoffTime;

import org.codelibs.fess.crawler.exception.CrawlerSystemException;
import org.codelibs.fess.exception.CommandExecutionException;
import org.codelibs.fess.opensearch.user.exentity.User;

/**
 * Authentication chain implementation that executes external commands for user operations.
 * Provides user management through command-line tool execution for password changes and user deletion.
 */