var errNoSuchGroup = errors.New("Specified group does not exist")

// error returned in IAM subsystem when a policy attach/detach request has no
// net effect, i.e. it is already applied.
var errNoPolicyToAttachOrDetach = errors.New("Specified policy update has no net effect")

// error returned in IAM subsystem when a non-empty group needs to be
// deleted.

 * character encodings according to configured mapping rules.
 *
 * <p>The filter intercepts requests matching configured path patterns and
 * redirects them with proper character encoding applied to parameters.</p>
 */
public class EncodingFilter implements Filter {
    /** Configuration key for encoding rules mapping */
    public static final String ENCODING_MAP = "encodingRules";

| policy     | _string_       | Canned policy name to be applied for STS credentials. (Recommended)                                                                                                                     |

                throw new QueryParseException(e);
            }
        };
    }

    /**
     * Interface for query filters that can modify or transform queries.
     * Filters are applied in the order they are added to the parser.
     */
    public interface Filter {
        /**
         * Parses and potentially modifies the query string.
         *

    @Test
    public void test_annotationTargetElements() {
        CronExpression.class.isAnnotation();
        assertTrue(CronExpression.class.isAnnotation());

        // Check that annotation can be applied to METHOD, FIELD, ANNOTATION_TYPE, CONSTRUCTOR, PARAMETER
        java.lang.annotation.Target target = CronExpression.class.getAnnotation(java.lang.annotation.Target.class);
        assertNotNull(target);

import okhttp3.internal.isProbablyUtf8
import okhttp3.internal.platform.Platform
import okio.Buffer
import okio.GzipSource

/**
 * An OkHttp interceptor which logs request and response information. Can be applied as an
 * [application interceptor][OkHttpClient.interceptors] or as a [OkHttpClient.networkInterceptors].
 *
 * The format of the logs created by this class should not be considered stable and may

### `build-conventions`

This project contains build conventions that are applied to all elasticsearch projects.

### `build-tools`

This project contains all build logic that we publish for third party elasticsearch plugin authors.
We provide the following plugins:

                            || ModelVersionUtils.isNewerThan410(currentVersion)) {
                        context.success("Full inference optimizations applied");
                    } else {
                        context.success("Limited inference optimizations applied (parent-related only)");
                    }
                } else {
                    context.success("No inference optimizations needed");
                }

/// info

The additional header `WWW-Authenticate` with value `Bearer` we are returning here is also part of the spec.

Any HTTP (error) status code 401 "UNAUTHORIZED" is supposed to also return a `WWW-Authenticate` header.

In the case of bearer tokens (our case), the value of that header should be `Bearer`.

You can actually skip that extra header and it would still work.

| policy     | _string_ or _[]string_ or _comma_separated_value_ | Canned policy name to be applied for STS credentials. (Mandatory) - This can be configured to any desired value such as `roles` or `groups` by setting the environment variable `MINIO_IDENTITY_OPENID_CLAIM_NAME` |

## Get started