if (password != null) {
                    // Cipher uses Strings
                    passwd = String.copyValueOf(password);

                    // Sun/Oracle advises to empty the char array
                    java.util.Arrays.fill(password, ' ');
                }
            }
            System.out.println(dispatcher.encrypt(passwd, null));

## О сторонних интеграциях { #about-third-party-integrations }

В этом примере мы используем OAuth2 «password flow» (аутентификация по паролю).

Это уместно, когда мы входим в наше собственное приложение, вероятно, с нашим собственным фронтендом.

Мы можем ему доверять при получении `username` и `password`, потому что он под нашим контролем.

* Deep Learning
* Machine Learning
* Dependency Injection
* HTTP Basic-Authentifizierung
* HTTP Digest
* ISO-Format
* der JSON-Schema-Standard
* das JSON-Schema
* die Schema-Definition
* Password Flow
* Mobile

* deprecatet
* designt
* ungültig
* on the fly
* Standard
* Default
* Groß-/Klein­schrei­bung ist relevant
* Groß-/Klein­schrei­bung ist nicht relevant

        ntlmServlet.init(servletConfig);
        setupMocksForAuth();

        byte[] challenge = new byte[8];
        NtlmPasswordAuthentication ntlmAuth = new NtlmPasswordAuthentication(cifsContext, "TEST_DOMAIN", "user", "password");

        try (MockedStatic<NtlmSsp> ntlmSspMock = Mockito.mockStatic(NtlmSsp.class)) {
            ntlmSspMock.when(() -> NtlmSsp.authenticate(any(), any(), any(), any())).thenReturn(ntlmAuth);

                    (fields) defined in the `response_model`. If you returned an object
                    that contains an attribute `password` but the `response_model` does
                    not include that field, the JSON sent to the client would not have
                    that `password`.
                * Validation: whatever you return will be serialized with the

                    Authentication result = new Authentication(
                            authCtx.get(AuthenticationContext.USERNAME), authCtx.get(AuthenticationContext.PASSWORD));
                    result.setPrivateKey(authCtx.get(AuthenticationContext.PRIVATE_KEY_PATH));
                    result.setPassphrase(authCtx.get(AuthenticationContext.PRIVATE_KEY_PASSPHRASE));

                    this.auth.getUsername(), this.workstation, this.ntlmsspFlags);
        }

        // Use secure password handling
        String passwordString = null;
        if (this.auth.isGuest()) {
            passwordString = this.transportContext.getConfig().getGuestPassword();
        } else {

        .body(gzip("abcabcabc"))
        .addHeader("Content-Encoding: gzip")
        .build(),
    )
    client =
      client
        .newBuilder()
        .authenticator(RecordingOkAuthenticator("password", null))
        .build()
    executeSynchronously("/").assertBody("abcabcabc")
  }

  @Test
  fun rangeHeaderPreventsAutomaticGzip() {
    val gzippedBody = gzip("abcabcabc")

    if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then
      wget $QUIET "$wrapperUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath"
    else
      wget $QUIET --http-user="$MVNW_USERNAME" --http-password="$MVNW_PASSWORD" "$wrapperUrl" -O "$wrapperJarPath" || rm -f "$wrapperJarPath"
    fi
  elif command -v curl >/dev/null; then
    log "Found curl ... using curl"
    [ "$MVNW_VERBOSE" = true ] && QUIET="" || QUIET="--silent"

그리고 이 수천 개의 *경로 작동*은 모두 3줄 정도로 줄일 수 있습니다.

{* ../../docs_src/security/tutorial002.py hl[30:32] *}

## 요약

이제 *경로 작동 함수*에서 현재 사용자를 직접 가져올 수 있습니다.

우리는 이미 이들 사이에 있습니다.

사용자/클라이언트가 실제로 `username`과 `password`를 보내려면 *경로 작동*을 추가하기만 하면 됩니다.