MinIO supports multiple long term users in addition to default user created during server startup. New users can be added after server starts up, and server can be configured to deny or allow access to buckets and resources to each of these users. This document explains how to add/remove users and modify their access rights.

## Get started

In this document we will explain in detail on how to configure multiple users.

### 1. Prerequisites

import org.lastaflute.web.response.render.RenderData;
import org.lastaflute.web.ruts.process.ActionRuntime;

import jakarta.annotation.Resource;

/**
 * Admin action for Access Token management.
 * This class provides CRUD operations for access tokens.
 *
 */
public class AdminAccesstokenAction extends FessAdminAction {

    /**
     * Default constructor.
     */
    public AdminAccesstokenAction() {

import java.util.List;
import java.util.Map;

import org.codelibs.curl.io.ContentCache;
import org.junit.Test;

/**
 * Test class for CurlResponse.
 * Tests response handling, header operations, and content access.
 */
public class CurlResponseTest {

    @Test
    public void testConstructor() {
        CurlResponse response = new CurlResponse();
        assertNotNull(response);
    }

    @Test

    /**
     * Enable other opens for read access
     */
    public static final int FILE_SHARE_READ = 0x1;

    /**
     * Enable other opens for write access
     */
    public static final int FILE_SHARE_WRITE = 0x2;

    /**
     * Enable other opens for delete access
     */
    public static final int FILE_SHARE_DELETE = 0x4;

    /**

```
cat ${HADOOP_CONF_DIR}/core-site.xml | kv-pairify | grep "s3a"

fs.s3a.access.key=minio
fs.s3a.secret.key=minio123
fs.s3a.path.style.access=true
fs.s3a.block.size=512M
fs.s3a.buffer.dir=${hadoop.tmp.dir}/s3a
fs.s3a.committer.magic.enabled=false
fs.s3a.committer.name=directory
fs.s3a.committer.staging.abort.pending.uploads=true

     * @param access the desired access rights
     * @param shareAccess the share access mode
     * @param extFileAttributes the extended file attributes
     * @param createOptions the create options
     * @param andx the next command in the chain
     */
    public SmbComNTCreateAndX(final Configuration config, final String name, final int flags, final int access, final int shareAccess,

    assertThat(request.tag(Any::class.java)).isNull()
    assertThat(request.tag(UUID::class.java)).isNull()
    assertThat(request.tag(String::class.java)).isNull()

    // Alternate access APIs also work.
    assertThat(request.tag<String>()).isNull()
    assertThat(request.tag(String::class)).isNull()
  }

  @Test
  fun defaultTag() {
    val tag = UUID.randomUUID()
    val request =

            // Then
            assertNotNull(ra1, "Random access with mode should not be null");
            assertNotNull(ra2, "Random access with sharing should not be null");
            assertSame(mockRandomAccess, ra1, "Should return expected random access");
            assertSame(mockRandomAccess, ra2, "Should return expected random access");
        }
    }

    @Nested

import jakarta.annotation.PostConstruct;
import jakarta.servlet.ServletRequest;
import jakarta.servlet.ServletResponse;
import jakarta.servlet.http.HttpServletResponse;

/**
 * Default implementation of CORS (Cross-Origin Resource Sharing) handler.
 * This handler automatically registers itself for origins configured in the system
 * and applies standard CORS headers based on the application configuration.
 */

Headers" class="external-link" target="_blank">usando el prefijo 'X-'</a>.

Pero si tienes headers personalizados que quieres que un cliente en un navegador pueda ver, necesitas agregarlos a tus configuraciones de CORS (leer más en [CORS (Cross-Origin Resource Sharing)](../tutorial/cors.md){.internal-link target=_blank}), usando el parámetro `expose_headers` documentado en <a href="https://www.starlette.io/middleware/#corsmiddleware" class="external-link" target="_blank">la documentación...