We highly recommend you keep OkHttp up-to-date. As with auto-updating web browsers, staying current
with HTTPS clients is an important defense against potential security problems. [We
track][tls_history] the dynamic TLS ecosystem and adjust OkHttp to improve connectivity and
security.

OkHttp uses your platform's built-in TLS implementation. On Java platforms OkHttp also supports

    }

    /**
     * Returns the local security context.
     *
     * @return A <code>byte[]</code> containing the local security
     * context.  This is used by the client to negotiate local
     * authentication.
     */
    public byte[] getContext() {
        return context;
    }

    /**
     * Sets the local security context.  This is used by the client

            assertEquals(2, Smb2Constants.SMB2_0_INFO_FILESYSTEM, "Filesystem info level must be 2");
        }

        @Test
        @DisplayName("Security info level should be 3")
        void testInfoSecurity() {
            assertEquals(3, Smb2Constants.SMB2_0_INFO_SECURITY, "Security info level must be 3");
        }

        @Test
        @DisplayName("Quota info level should be 4")
        void testInfoQuota() {

        MockitoAnnotations.openMocks(this);

        // Create a real ServerData instance as it's not mockable (inner class)
        SmbTransport.ServerData serverData = mockTransport.new ServerData();
        serverData.security = ServerMessageBlock.SECURITY_USER;
        serverData.encryptedPasswords = true;
        serverData.encryptionKey = new byte[8];

        // Configure mock transport
        mockTransport.server = serverData;

 */

package jcifs.dcerpc.msrpc;

import java.io.IOException;

import jcifs.dcerpc.DcerpcHandle;
import jcifs.dcerpc.rpc;
import jcifs.smb.SmbException;

/**
 * Handle for Security Account Manager (SAM) domain operations.
 * This class represents an open handle to a SAM domain and provides
 * operations for managing domain users, groups, and aliases.
 */

	if token != "" && cred.AccessKey == "" {
		// x-amz-security-token is not allowed for anonymous access.
		return nil, ErrNoAccessKey
	}

	if token == "" && cred.IsTemp() && !cred.IsServiceAccount() {
		// Temporary credentials should always have x-amz-security-token
		return nil, ErrInvalidToken
	}

	if token != "" && !cred.IsTemp() {
		// x-amz-security-token should not present for static credentials.

有些編輯器會檢查未使用的函式參數，並將其標示為錯誤。

把這些依賴放在路徑操作裝飾器中，可以確保它們被執行，同時避免編輯器／工具報錯。

這也有助於避免讓新加入的開發者看到未使用的參數時，以為它是不必要的而感到困惑。

///

/// info

在這個範例中我們使用了自訂的（虛構的）標頭 `X-Key` 與 `X-Token`。

但在實際情況下，當你實作安全機制時，使用整合的 [Security utilities（下一章）](../security/index.md) 會獲得更多好處。

///

## 依賴的錯誤與回傳值 { #dependencies-errors-and-return-values }

你可以使用與平常相同的依賴函式。

### 依賴的需求 { #dependency-requirements }

它們可以宣告請求需求（例如標頭（headers））或其他子依賴：

# Безпека { #security }

Існує багато способів реалізувати безпеку, автентифікацію та авторизацію.

І зазвичай це складна і «непроста» тема.

У багатьох фреймворках і системах лише обробка безпеки та автентифікації потребує великих зусиль і коду (у багатьох випадках це може бути 50% або більше від усього написаного коду).

    /**
     * Sets the user ID.
     *
     * @param uid the user ID to set
     */
    void setUid(int uid);

    /**
     * Sets whether extended security is enabled.
     *
     * @param extendedSecurity true to enable extended security
     */
    void setExtendedSecurity(boolean extendedSecurity);

    /**
     * Sets the session ID.
     *
     * @param sessionId the session ID to set

    }

    /**
     * Returns the local security context.
     *
     * @return A <code>byte[]</code> containing the local security
     *         context. This is used by the client to negotiate local
     *         authentication.
     */
    public byte[] getContext() {
        return this.context;
    }

    /**
     * Sets the local security context. This is used by the client