Observa que en ninguna parte del código está la contraseña en texto claro "`secret`", solo tenemos la versión con hash.

///

<img src="/img/tutorial/security/image08.png">

Llama al endpoint `/users/me/`, obtendrás el response como:

```JSON
{
  "username": "johndoe",
  "email": "******@****.***",
  "full_name": "John Doe",
  "disabled": false
}
```

 * AsyncCacheLoader.asyncLoad}</a> must return a {@code CompletableFuture}. Users of Guava's {@link
 * com.google.common.util.concurrent.ListenableFuture} can adapt between the two {@code Future}
 * types by using <a href="https://github.com/lukas-krecan/future-converter#java8-guava">{@code

        }
    }

    /**
     * Adds a click count field to the document based on search log data.
     * The click count represents how many times users have clicked on this document in search results.
     *
     * @param doc the document data map to add the click count to
     */
    protected void addClickCountField(final Map<String, Object> doc) {

        this.deleteCommand = deleteCommand;
    }

    /**
     * Sets the array of target usernames for command execution.
     * @param targetUsers The target users array.
     */
    public void setTargetUsers(final String[] targetUsers) {
        this.targetUsers = targetUsers;
    }

   - Begin SMB3 lease implementation
   - Create comprehensive test suite
   - Document API changes

3. **Community Engagement**:
   - Announce implementation plan
   - Solicit feedback from users
   - Identify beta testers for early access

## References

- [MS-SMB2]: Server Message Block (SMB) Protocol Version 2 and 3
- [MS-SWN]: Service Witness Protocol

- Missing directories listed in a user's PATH are no longer considered errors and are instead logged by the `kubectl plugin list` command when listing available plugins. ([#73542](https://github.com/kubernetes/kubernetes/pull/73542), [@juanvallejo](https://github.com/juanvallejo))
- Now users can get object info like:

  ```bash

adding an OwnerReference

A vulnerability exists in the NodeRestriction admission controller where node users can delete their corresponding node object by patching themselves with an OwnerReference to a cluster-scoped resource. If the OwnerReference resource does not exist or is subsequently deleted, the given node object will be deleted via garbage collection. By default, node users are authorized for create and patch requests but not delete requests against their node object. Since the NodeRestriction...

 * complete details.
 *
 * @deprecated NTLMv1 only
 */
/**
 * An HTTP servlet filter that provides NTLM authentication support.
 * This filter allows web applications to authenticate users via NTLM/Windows authentication.
 */
@Deprecated
public class NtlmHttpFilter implements Filter {

    /**
     * Default constructor.
     */
    public NtlmHttpFilter() {
        // Default constructor

In this case, it might not be a problem, because it's the same user sending the password.

But if we use the same model for another *path operation*, we could be sending our user's passwords to every client.

/// danger

Never store the plain password of a user or send it in a response like this, unless you know all the caveats and you know what you are doing.

///

        }
    }

    @Test
    public void testIpRateLimit() throws Exception {
        String ip = "192.168.1.3";

        // Make attempts from same IP with different users
        for (int i = 1; i <= 5; i++) {
            assertTrue(rateLimiter.checkAttempt("user" + i, ip), "Attempt " + i + " should be allowed");
            rateLimiter.recordFailure("user" + i, ip);
        }