```

////

If a client tries to send some extra data, they will receive an **error** response.

For example, if the client tries to send the form fields:

* `username`: `Rick`
* `password`: `Portal Gun`
* `extra`: `Mr. Poopybutthole`

They will receive an error response telling them that the field `extra` is not allowed:

```json
{
    "detail": [
        {

    protected static final String SPNEGO_ALLOW_BASIC = "spnego.allow.basic";
    protected static final String SPNEGO_PREAUTH_PASSWORD = "spnego.preauth.password";
    protected static final String SPNEGO_PREAUTH_USERNAME = "spnego.preauth.username";
    protected static final String SPNEGO_LOGIN_SERVER_MODULE = "spnego.login.server.module";

     * 
     * @return default credentials, user name
     */
    String getDefaultUsername ();


    /**
     * 
     * Property <tt>jcifs.smb.client.password</tt>
     * 
     * @return default credentials, password
     */
    String getDefaultPassword ();


    /**
     * Lanman compatibility level
     * 
     * {@href https://technet.microsoft.com/en-us/library/cc960646.aspx}

            userService.changePassword(username, form.newPassword);
            saveInfo(messages -> messages.addSuccessChangedPassword(GLOBAL));
        } catch (final Exception e) {
            logger.warn("Failed to change password for {}", username, e);
            throwValidationError(messages -> messages.addErrorsFailedToChangePassword(GLOBAL), toIndexPage);
        }
        return redirect(getClass());
    }

fi

if [ $failed_count_site2 -ne 0 ]; then
	echo "failed with multipart on site2 uploads"
	exit 1
fi

# Add user group test
./mc admin user add site1 site-replication-issue-user site-replication-issue-password
./mc admin group add site1 site-replication-issue-group site-replication-issue-user

max_wait_attempts=30
wait_interval=5

attempt=1
while true; do

					<div class="input-group mb-3">
						<c:set var="ph_new_password">
							<la:message key="labels.login.placeholder_new_password" />
						</c:set>
						<la:password property="password" class="form-control"
							placeholder="${ph_new_password}" />
						<div class="input-group-append">
							<span class="input-group-text">
								<em class="fa fa-lock fa-fw">
							</span>
						</div>

	_, err = sshPasswordAuth(newSSHCon, []byte("dillon"))
	if err != nil {
		c.Fatal("Password authentication failed for user (dillon):", err)
	}

	newSSHCon = newSSHConnMock("dillon")
	_, err = sshPasswordAuth(newSSHCon, []byte("dillon"))
	if err != nil {
		c.Fatal("Password authentication failed for user (dillon):", err)
	}

                int index = auth.indexOf(':');
                String user = ( index != -1 ) ? auth.substring(0, index) : auth;
                String password = ( index != -1 ) ? auth.substring(index + 1) : "";
                index = user.indexOf('\\');
                if ( index == -1 )
                    index = user.indexOf('/');

    @Test
    public void testNFold () {
        // rfc3961 test vectors
        verifyNfold(64, "012345", "be072631276b1955");
        verifyNfold(56, "password", "78a07b6caf85fa");
        verifyNfold(64, "Rough Consensus, and Running Code", "bb6ed30870b7f0e0");
        verifyNfold(168, "password", "59e4a8ca7c0385c3c37b3f6d2000247cb6e6bd5b3e");
        verifyNfold(192, "MASSACHVSETTS INSTITVTE OF TECHNOLOGY", "db3b0d8f0b061e603282b308a50841229ad798fab9540c1b");

## About third party integrations

In this example we are using the OAuth2 "password" flow.

This is appropriate when we are logging in to our own application, probably with our own frontend.

Because we can trust it to receive the `username` and `password`, as we control it.