### Browser UI

- Search UI: http://localhost:8080/

![Search UI](https://fess.codelibs.org/_images/fess_search_result1.png)

- Admin UI: http://localhost:8080/admin/ (default username/password is admin/admin)

![Admin UI](https://fess.codelibs.org/_images/fess_admin_dashboard.png)

前回と同じ方法でアプリケーションの認可を行います。

次の認証情報を使用します：

Username: `johndoe`
Password: `secret`

/// check | 確認

コードのどこにも平文のパスワード"`secret`"はなく、ハッシュ化されたものしかないことを確認してください。

///

<img src="/img/tutorial/security/image08.png">

エンドポイント`/users/me/`を呼び出すと、次のようなレスポンスが得られます：

```JSON
{
  "username": "johndoe",
  "email": "******@****.***",
  "full_name": "John Doe",

                buffer.append(hash).append('@');
            }
            buffer.append(proxy.getHost()).append(':').append(proxy.getPort()).append('>');
        }

        // consider the username&password because a repo manager might block artifacts depending on authorization
        Authentication auth = repository.getAuthentication();
        if (auth != null) {

    public String urlExpr;

    /** Boost expression for search filtering. */
    public String boostExpr;

    /** Sort order for search filtering. */
    public String sortOrder;

    /** Creator username for search filtering. */
    public String createdBy;

    /** Creation time for search filtering. */
    public String createdTime;

    /** Version number for search filtering. */
    public String versionNo;

But first, let's check some small concepts.

## In a hurry? { #in-a-hurry }

If you don't care about any of these terms and you just need to add security with authentication based on username and password *right now*, skip to the next chapters.

## OAuth2 { #oauth2 }

OAuth2 is a specification that defines several ways to handle authentication and authorization.

        assertEquals("WORKGROUP", defaultDomain, "Should delegate default domain");
        assertEquals("testuser", defaultUsername, "Should delegate default username");
        assertEquals("testpass", defaultPassword, "Should delegate default password");
        assertEquals("jCIFS", nativeLanMan, "Should delegate native LanMan");

        verify(mockDelegate).getOemEncoding();

labels.replacement=Замена
labels.sessionId=ID сессии
labels.sortOrder=Порядок сортировки
labels.updatedBy=Обновлено
labels.updatedTime=Время обновления
labels.urls=URL-адреса
labels.userAgent=User Agent
labels.username=Имя пользователя
labels.value=Значение
labels.versionNo=Номер версии
labels.cronExpression=Расписание
labels.dayForCleanup=Удалить документы старше указанных дней

        } else {
            System.clearProperty("jcifs.smb1.smb.lmCompatibility");
        }
    }

    // Test constructor with domain, username, and password
    @Test
    void testConstructorWithDomainUsernamePassword() {
        NtlmPasswordAuthentication auth = new NtlmPasswordAuthentication("DOMAIN", "user", "password");

  /** Path separator (":" on UNIX). */
  PATH_SEPARATOR("path.separator"),

  /** Line separator ("\n" on UNIX). */
  LINE_SEPARATOR("line.separator"),

  /** User's account name. */
  USER_NAME("user.name"),

  /** User's home directory. */
  USER_HOME("user.home"),

  /** User's current working directory. */
  USER_DIR("user.dir");

  private final String key;

		Token: Token{Content: "token"},
	}
	o1, err := saveTokenOwner(&owner)
	if err != nil {
		t.Errorf("failed to save token owner, got error: %v", err)
	}
	if o1.Name != "user_name" {
		t.Errorf(`owner name should be "user_name", but got: "%s"`, o1.Name)
	}
	if o1.Token.Content != "token_encrypted" {
		t.Errorf(`token content should be "token_encrypted", but got: "%s"`, o1.Token.Content)
	}

	owner = TokenOwner{