同理，JWT 可以用于更复杂的场景。

在这些情况下，多个实体的 ID 可能是相同的，以 ID  `foo` 为例，用户的 ID 是 `foo`，车的 ID 是 `foo`，博客的 ID 也是  `foo`。

为了避免 ID 冲突，在给用户创建 JWT 令牌时，可以为 `sub` 键的值加上前缀，例如 `username:`。因此，在本例中，`sub` 的值可以是：`username:johndoe`。

注意，划重点，`sub` 键在整个应用中应该只有一个唯一的标识符，而且应该是字符串。

## 检查

运行服务器并访问文档： <a href="http://127.0.0.1:8000/docs" class="external-link" target="_blank">http://127.0.0.1:8000/docs</a>。

    val url: URL = httpUrl.toUrl()
    val uri: URI = httpUrl.toUri()
    val scheme: String = httpUrl.scheme
    val encodedUsername: String = httpUrl.encodedUsername
    val username: String = httpUrl.username
    val encodedPassword: String = httpUrl.encodedPassword
    val password: String = httpUrl.password
    val host: String = httpUrl.host
    val port: Int = httpUrl.port

### Browser UI

- Search UI: http://localhost:8080/

![Search UI](https://fess.codelibs.org/_images/fess_search_result1.png)

- Admin UI: http://localhost:8080/admin/ (default username/password is admin/admin)

![Admin UI](https://fess.codelibs.org/_images/fess_admin_dashboard.png)

    public String urlExpr;

    /** Boost expression for search filtering. */
    public String boostExpr;

    /** Sort order for search filtering. */
    public String sortOrder;

    /** Creator username for search filtering. */
    public String createdBy;

    /** Creation time for search filtering. */
    public String createdTime;

    /** Version number for search filtering. */
    public String versionNo;

project.

  - If you are an individual writing original source code and you're sure you
    own the intellectual property, then you'll need to sign an [individual
    CLA][]. Please include your GitHub username.
  - If you work for a company that wants to allow you to contribute your work,
    then you'll need to sign a [corporate CLA][].

You generally only need to submit a CLA once, so if you've already submitted

But first, let's check some small concepts.

## In a hurry? { #in-a-hurry }

If you don't care about any of these terms and you just need to add security with authentication based on username and password *right now*, skip to the next chapters.

## OAuth2 { #oauth2 }

OAuth2 is a specification that defines several ways to handle authentication and authorization.

        } else {
            System.clearProperty("jcifs.smb1.smb.lmCompatibility");
        }
    }

    // Test constructor with domain, username, and password
    @Test
    void testConstructorWithDomainUsernamePassword() {
        NtlmPasswordAuthentication auth = new NtlmPasswordAuthentication("DOMAIN", "user", "password");

        assertEquals("WORKGROUP", defaultDomain, "Should delegate default domain");
        assertEquals("testuser", defaultUsername, "Should delegate default username");
        assertEquals("testpass", defaultPassword, "Should delegate default password");
        assertEquals("jCIFS", nativeLanMan, "Should delegate native LanMan");

        verify(mockDelegate).getOemEncoding();

3. **Flow**:
   - Review promptly to avoid blocking progress.
   - Balance quality and speed—minor issues can be addressed later via issues, not PR blocks.
   - If unable to complete the review, tag another reviewer (e.g., `@username please take over`).

4. **Shared Responsibility**:
   - All MinIO contributors are reviewers. The first commenter on a PR owns the review unless they delegate.
   - Multiple reviewers are encouraged for complex PRs.

        Map<String, Object> context = new HashMap<>();
        context.put("password", "secretpassword123");
        context.put("sessionId", "abc123def456");
        context.put("username", "******@****.***");

        logger.logEvent(EventType.AUTHENTICATION_SUCCESS, Severity.INFO, "Login attempt", context);

        // The test verifies that the logger runs without errors when masking is enabled