// allowed, either.
  //
  // +optional
  optional string url = 3;

  // `service` is a reference to the service for this webhook. Either
  // `service` or `url` must be specified.
  //
  // If the webhook is running within the cluster, then you should use `service`.
  //
  // +optional
  optional ServiceReference service = 1;

	</component>

	<!-- Service -->
	<component name="urlQueueService" class="org.codelibs.fess.crawler.service.impl.UrlQueueServiceImpl" instance="prototype" >
	</component>
	<component name="dataService" class="org.codelibs.fess.crawler.service.impl.DataServiceImpl" instance="prototype" >
	</component>
	<component name="urlFilterService" class="org.codelibs.fess.crawler.service.impl.UrlFilterServiceImpl" instance="prototype" >

                    "metadata": {
                      "filter_metadata": {
                        "istio": {
                          "config": "/apis/networking.istio.io/v1alpha3/namespaces/default/virtual-service/bookinfo"
                        }
                      }
                    },
                    "decorator": {
                      "operation": "productpage.default.svc.cluster.local:9080/productpage"

	}

	s3Err := isReqAuthenticated(ctx, r, globalSite.Region(), serviceSTS)
	if s3Err != ErrNone {
		return auth.Credentials{}, s3Err
	}

	user, _, s3Err := getReqAccessKeyV4(r, globalSite.Region(), serviceSTS)
	if s3Err != ErrNone {
		return auth.Credentials{}, s3Err
	}

	// Temporary credentials or Service accounts cannot generate further temporary credentials.

        activityHelper.login(OptionalThing.empty());
        assertEquals(
                "{\"@timestamp\":\"2022-01-01T00:00:00.000Z\",\"log.level\":\"INFO\",\"ecs.version\":\"1.2.0\",\"service.name\":\"fess\",\"event.dataset\":\"app\",\"process.thread.name\":\"main\",\"log.logger\":\"org.codelibs.fess.helper.ActivityHelperTest$1\",\"labels.action\":\"LOGIN\",\"labels.user\":\"-\",\"labels.permissions\":\"-\"}",

    }


    /**
     * Set the service name which is used to setup <code>GSSContext</code>.
     * Program will use this name to require service ticket from KDC.
     *
     * @param name
     *            the service name used to require service ticket from KDC.
     */
    public void setService ( String name ) {
        this.service = name;
    }


    /**
     * Get the service name.

    operator.istio.io/version: 1.15.1
    release: istio
  name: istio-sidecar-injector-deactivated
webhooks:
  - admissionReviewVersions:
      - v1beta1
      - v1
    clientConfig:
      service:
        name: istiod
        namespace: istio-system
        path: /inject
        port: 443
    failurePolicy: Fail
    matchPolicy: Equivalent
    name: rev.namespace.sidecar-injector.istio.io

MINIO_IDENTITY_OPENID_VENDOR                (string)    Specify vendor type for vendor specific behavior to checking validity of temporary credentials and service accounts on MinIO
MINIO_IDENTITY_OPENID_CLAIM_USERINFO        (on|off)    Enable fetching claims from UserInfo Endpoint for authenticated user

		arn  ARN
		want string
	}{
		{
			arn: ARN{
				Partition:    "minio",
				Service:      "iam",
				Region:       "us-east-1",
				ResourceType: "role",
				ResourceID:   "my-role",
			},
			want: "arn:minio:iam:us-east-1::role/my-role",
		},
		{
			arn: ARN{
				Partition:    "minio",
				Service:      "",
				Region:       "us-east-1",
				ResourceType: "role",
				ResourceID:   "my-role",
			},

**We recommend setting `policy` as a custom claim for the JWT service provider follow [here](https://docs.wso2.com/display/IS550/Configuring+Claims+for+a+Service+Provider) and [here](https://docs.wso2.com/display/IS550/Handling+Custom+Claims+with+the+JWT+Bearer+Grant+Type) for relevant docs on how to configure claims for a service provider.**

### 5. Setup MinIO with OpenID configuration URL