annotations: securityContext: enabled: false runAsUser: 1000 runAsGroup: 1000 fsGroup: 1000 resources: requests: memory: 128Mi nodeSelector: {} tolerations: [] affinity: {} ## List of users to be created after minio install ## users: ## Username, password and policy to be assigned to the user ## Default policies are [readonly|readwrite|writeonly|consoleAdmin|diagnostics] ## Add new policies as explained here https://docs.min.io/docs/minio-multi-user-quickstart-guide.html ## NOTE: this will fail if...

annotations: securityContext: enabled: false runAsUser: 1000 runAsGroup: 1000 fsGroup: 1000 resources: requests: memory: 128Mi nodeSelector: {} tolerations: [] affinity: {} ## List of users to be created after minio install ## users: ## Username, password and policy to be assigned to the user ## Default policies are [readonly|readwrite|writeonly|consoleAdmin|diagnostics] ## Add new policies as explained here https://docs.min.io/docs/minio-multi-user-quickstart-guide.html ## NOTE: this will fail if...

annotations: securityContext: enabled: false runAsUser: 1000 runAsGroup: 1000 fsGroup: 1000 resources: requests: memory: 128Mi nodeSelector: {} tolerations: [] affinity: {} ## List of users to be created after minio install ## users: ## Username, password and policy to be assigned to the user ## Default policies are [readonly|readwrite|writeonly|consoleAdmin|diagnostics] ## Add new policies as explained here https://docs.min.io/docs/minio-multi-user-quickstart-guide.html ## NOTE: this will fail if...

Additional pod labels podLabels: {} ## Configure resource requests and limits ## ref: http://kubernetes.io/docs/user-guide/compute-resources/ ## resources: requests: memory: 16Gi ## List of users to be created after minio install ## users: ## Username, password and policy to be assigned to the user ## Default policies are [readonly|readwrite|writeonly|consoleAdmin|diagnostics] ## Add new policies as explained here https://docs.min.io/docs/minio-multi-user-quickstart-guide.html ## NOTE: this will fail if...

                buffer.append(hash).append('@');
            }
            buffer.append(proxy.getHost()).append(':').append(proxy.getPort()).append('>');
        }

        // consider the username&password because a repo manager might block artifacts depending on authorization
        Authentication auth = repository.getAuthentication();
        if (auth != null) {

		kafkaArgs.SASL.Enable = getCfgVal(EnvKafkaSASLEnable, k, kv.Get(KafkaSASL)) == config.EnableOn
		kafkaArgs.SASL.User = getCfgVal(EnvKafkaSASLUsername, k, kv.Get(KafkaSASLUsername))
		kafkaArgs.SASL.Password = getCfgVal(EnvKafkaSASLPassword, k, kv.Get(KafkaSASLPassword))
		kafkaArgs.SASL.Mechanism = getCfgVal(EnvKafkaSASLMechanism, k, kv.Get(KafkaSASLMechanism))

                    Authentication result = new Authentication(
                            authCtx.get(AuthenticationContext.USERNAME), authCtx.get(AuthenticationContext.PASSWORD));
                    result.setPrivateKey(authCtx.get(AuthenticationContext.PRIVATE_KEY_PATH));
                    result.setPassphrase(authCtx.get(AuthenticationContext.PRIVATE_KEY_PASSPHRASE));

		c.Fatalf("user could not create bucket: %v", err)
	}

	// 3.10. Check that user's password can be updated.
	_, newSecretKey := mustGenerateCredentials(c)
	err = s.adm.SetUser(ctx, accessKey, newSecretKey, madmin.AccountEnabled)
	if err != nil {
		c.Fatalf("Unable to update user's secret key: %v", err)
	}
	// 3.10.1 Check that old password no longer works.
	err = client.MakeBucket(ctx, getRandomBucketName(), minio.MakeBucketOptions{})

requests: memory: 128Mi nodeSelector: {} tolerations: [] affinity: {} extraVolumes: [] extraVolumeMounts: [] # Command to run after the main command on exit exitCommand: "" ## List of users to be created after minio install ## users: ## Username, password and policy to be assigned to the user ## Default policies are [readonly|readwrite|writeonly|consoleAdmin|diagnostics] ## Add new policies as explained here https://min.io/docs/minio/kubernetes/upstream/administration/identity-access-management.h...

# OAuth2 mit Password (und Hashing), Bearer mit JWT-Tokens

Da wir nun über den gesamten Sicherheitsablauf verfügen, machen wir die Anwendung tatsächlich sicher, indem wir <abbr title="JSON Web Tokens">JWT</abbr>-Tokens und sicheres Passwort-Hashing verwenden.

Diesen Code können Sie tatsächlich in Ihrer Anwendung verwenden, die Passwort-Hashes in Ihrer Datenbank speichern, usw.

Wir bauen auf dem vorherigen Kapitel auf.

## Über JWT