import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;

import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;

/**
 * Security-focused test cases for NtlmPasswordAuthenticator to verify timing attack resistance.
 */
public class NtlmPasswordAuthenticatorTimingAttackTest {

    private static final int TIMING_ITERATIONS = 1000;

     * @throws IOException if an I/O error occurs
     */
    SID getOwnerUser(boolean resolve) throws IOException;

    /**
     * Return an array of Access Control Entry (ACE) objects representing
     * the security descriptor associated with this file or directory.
     * <p>
     * Initially, the SIDs within each ACE will not be resolved however when

/// tip

集成其他身份认证/授权提供者（例如Google，Facebook，X (Twitter)，GitHub等）也是可能的，而且较为容易。

最复杂的问题是创建一个像这样的身份认证/授权提供程序，但是 **FastAPI** 为你提供了轻松完成任务的工具，同时为你解决了重活。

///

## **FastAPI** 实用工具

FastAPI 在 `fastapi.security` 模块中为每个安全方案提供了几种工具，这些工具简化了这些安全机制的使用方法。

在下一章中，你将看到如何使用 **FastAPI** 所提供的这些工具为你的 API 增加安全性。

import java.net.ProtocolException
import java.net.Proxy
import java.net.ServerSocket
import java.net.Socket
import java.net.SocketException
import java.security.SecureRandom
import java.security.cert.CertificateException
import java.security.cert.X509Certificate
import java.util.Collections
import java.util.Locale
import java.util.concurrent.ConcurrentHashMap
import java.util.concurrent.LinkedBlockingQueue

    prevents a potential crash when using certificate pinning with the Google
    Play Services security provider.


## Version 2.7.4

_2016-02-07_

 *  Fix: Don't crash when finding the trust manager if the Play Services (GMS)
    security provider is installed.
 *  Fix: The previous release introduced a performance regression on Android,

</div>

## Create the App with a Single Model { #create-the-app-with-a-single-model }

We'll create the simplest first version of the app with a single **SQLModel** model first.

Later we'll improve it increasing security and versatility with **multiple models** below. 🤓

### Create Models { #create-models }

Import `SQLModel` and create a database model:

{* ../../docs_src/sql_databases/tutorial001_an_py310.py ln[1:11] hl[7:11] *}

 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */
package jcifs;

import java.net.InetAddress;
import java.security.SecureRandom;
import java.util.List;
import java.util.TimeZone;

/**
 *
 *
 * Implementors of this interface should extend {@link jcifs.config.BaseConfiguration} or

Speichern Sie niemals das Klartextpasswort eines Benutzers. Speichern Sie immer einen „sicheren Hash“, den Sie dann verifizieren können.

Wenn Sie nicht wissen, was das ist, werden Sie in den [Sicherheitskapiteln](security/simple-oauth2.md#password-hashing){.internal-link target=_blank} lernen, was ein „Passworthash“ ist.

///

## Mehrere Modelle { #multiple-models }

/// danger | Внимание

Никогда не храните пароли пользователей в чистом виде. Всегда храните "безопасный хэш", который вы затем сможете проверить.

Если вам это не знакомо, вы можете узнать про "хэш пароля" в [главах о безопасности](security/simple-oauth2.md#password-hashing){.internal-link target=_blank}.

///

## Множественные модели { #multiple-models }

			xhttp.AmzServerSideEncryptionCustomerKeyMD5:    []string{"7PpPLAK26ONlVUGOWlusfg=="},
			"X-Amz-Meta-Test-1":                            []string{"Test-1"},
		},
	},
	{ // https://github.com/google/security-research/security/advisories/GHSA-76wf-9vgp-pj7w
		Header: http.Header{
			"X-Amz-Meta-X-Amz-Unencrypted-Content-Md5":    []string{"value"},
			"X-Amz-Meta-X-Amz-Unencrypted-Content-Length": []string{"value"},