Pero haciendo eso, en algunos minutos u horas, los atacantes habrían adivinado el nombre de usuario y la contraseña correctos, con la "ayuda" de nuestra aplicación, solo usando el tiempo tomado para responder.

#### Arréglalo con `secrets.compare_digest()`

        helper.init();

        assertNotNull(helper.userInfoCache);
        assertNotNull(helper.searchLogLogger);
    }

    public void test_setUserCheckInterval() {
        long interval = 5 * 60 * 1000L; // 5 minutes
        searchLogHelper.setUserCheckInterval(interval);
        assertEquals(interval, searchLogHelper.userCheckInterval);
    }

    public void test_setUserInfoCacheSize() {
        int cacheSize = 5000;

     * The cache is configured with a maximum size of 100 entries and expires after 10 minutes.
     */
    @PostConstruct
    public void init() {
        if (logger.isDebugEnabled()) {
            logger.debug("Initialize {}", this.getClass().getSimpleName());
        }
        crawlingConfigCache = CacheBuilder.newBuilder().maximumSize(100).expireAfterWrite(10, TimeUnit.MINUTES).build();
    }

    /**

                        .maximumSize(fessConfig.getSuggestPopularWordCacheSizeAsInteger().longValue())
                        .expireAfterWrite(fessConfig.getSuggestPopularWordCacheExpireAsInteger().longValue(), TimeUnit.MINUTES)
                        .build();
            }
        };
        popularWordHelper.init();
    }

    public void test_getCacheKey_allParameters() {
        String seed = "test_seed";

     * Cache for storing resource file modification timestamps to enable cache busting.
     * The cache expires after 10 minutes and has a maximum size of 1000 entries.
     */
    private static LoadingCache<String, Long> resourceHashCache =
            CacheBuilder.newBuilder().maximumSize(1000).expireAfterWrite(10, TimeUnit.MINUTES).build(new CacheLoader<String, Long>() {
                @Override

    // Connection pool configuration
    private static final int DEFAULT_MAX_POOL_SIZE = 100;
    private static final int DEFAULT_MAX_IDLE_TIME = 300000; // 5 minutes in ms
    private static final int DEFAULT_HEALTH_CHECK_INTERVAL = 60000; // 1 minute in ms
    private static final int DEFAULT_PROACTIVE_CHECK_INTERVAL = 30000; // 30 seconds in ms
    private int maxPoolSize = DEFAULT_MAX_POOL_SIZE;

Claro, os invasores não tentariam tudo isso de forma manual, eles escreveriam um programa para fazer isso, possivelmente com milhares ou milhões de testes por segundo. E obteriam apenas uma letra a mais por vez.

Mas fazendo isso, em alguns minutos ou horas os invasores teriam adivinhado o usuário e senha corretos, com a "ajuda" da nossa aplicação, apenas usando o tempo levado para responder.

#### Corrija com o `secrets.compare_digest()`

---

Avec ces informations et ces outils, passez à la section suivante pour tout combiner.

## Cluster en mode Docker Swarm avec Traefik et HTTPS

Vous pouvez avoir un cluster en mode Docker Swarm configuré en quelques minutes (environ 20 min) avec un processus Traefik principal gérant HTTPS (y compris l'acquisition et le renouvellement des certificats).

        if (configMockedStatic != null)
            configMockedStatic.close();
    }

    @Test
    void testCacheEntry() {
        // Test with a specific TTL
        long ttl = 600; // 10 minutes
        Dfs.CacheEntry cacheEntry = new Dfs.CacheEntry(ttl);
        long expectedExpiration = System.currentTimeMillis() + ttl * 1000L;

Of course, the attackers would not try all this by hand, they would write a program to do it, possibly with thousands or millions of tests per second. And they would get just one extra correct letter at a time.

But doing that, in some minutes or hours the attackers would have guessed the correct username and password, with the "help" of our application, just using the time taken to answer.

#### Fix it with `secrets.compare_digest()` { #fix-it-with-secrets-compare-digest }