assertDoesNotThrow(() -> ntlmServlet.init(servletConfig));
    }

    /**
     * Test the service method when no Authorization header is present and no session exists.
     * Expects a 401 Unauthorized response with NTLM and Basic authentication challenges.
     * @throws ServletException
     * @throws IOException
     */
    @Test

### Lambda Target with Auth Token

If your lambda target expects an authorization token then you can enable it per function target as follows

```
MINIO_LAMBDA_WEBHOOK_ENABLE_function=on MINIO_LAMBDA_WEBHOOK_ENDPOINT_function=http://localhost:5000 MINIO_LAMBDA_WEBHOOK_AUTH_TOKEN="mytoken" minio server /data &
```

### Lambda Target with mTLS authentication

If your lambda target expects mTLS client you can enable it per function target as follows

		t.Fatalf("member id is not equal: expects: %v, got: %v", profile.Refer, member.ProfileID)
	}

	DB.Model(&profile).Update("Refer", 100)

	var member2 Member
	if err := DB.First(&member2, "id = ?", member.ID).Error; err != nil {
		t.Fatalf("failed to find member, got error: %v", err)
	} else if member2.ProfileID != 100 {
		t.Fatalf("member id is not equal: expects: %v, got: %v", 100, member2.ProfileID)
	}

 */
@ExtendWith(MockitoExtension.class)
class KerberosAuthDataTest {

    @Mock
    private Map<Integer, KerberosKey> mockKeys;

    /**
     * Test parsing with an unknown auth type.
     * Expects an empty list of authorizations.
     * @throws PACDecodingException should not be thrown
     */
    @Test
    void testParseUnknownAuthType() throws PACDecodingException {
        // GIVEN an unknown auth type

- Chroot installed on your machine.

## 2. Install MinIO in Chroot

```sh
mkdir -p /mnt/export/${USER}/bin
wget https://dl.min.io/server/minio/release/linux-amd64/minio -O /mnt/export/${USER}/bin/minio
chmod +x /mnt/export/${USER}/bin/minio
```

Bind your `proc` mount to the target chroot directory

```
sudo mount --bind /proc /mnt/export/${USER}/proc
```

## 3. Run Standalone MinIO in Chroot

### GNU/Linux

```sh

Set the `MINIO_POLICY_PLUGIN_URL` as the endpoint that MinIO should send authorization requests to. Then start the server.

```sh
export MINIO_POLICY_PLUGIN_URL=http://localhost:8181/v1/data/httpapi/authz/allow
export MINIO_CI_CD=1
export MINIO_ROOT_USER=minio
export MINIO_ROOT_PASSWORD=minio123
minio server /mnt/data
```

### 5. Test with a regular IAM user

#!/bin/bash

set -ex

export MODE="$1"
export ACCESS_KEY="$2"
export SECRET_KEY="$3"
export JOB_NAME="$4"
export MINT_MODE="full"

docker system prune -f || true
docker volume prune -f || true
docker volume rm $(docker volume ls -f dangling=true) || true

## change working directory
cd .github/workflows/mint

## always pull latest
docker pull docker.io/minio/mint:edge

docker-compose -f minio-${MODE}.yaml up -d

	rm -rf /tmp/multisiteb
	rm -rf /tmp/data
	if [ $# -ne 0 ]; then
		exit $#
	fi
}

catch

set -e
export MINIO_CI_CD=1
export MINIO_BROWSER=off
export MINIO_ROOT_USER="minio"
export MINIO_ROOT_PASSWORD="minio123"
export MINIO_KMS_AUTO_ENCRYPTION=off
export MINIO_PROMETHEUS_AUTH_TYPE=public
export MINIO_KMS_SECRET_KEY=my-minio-key:OSMM+vkKUTCvQs9YL/CVMIMt43HFhkUpqJxTmGl6rYw=
unset MINIO_KMS_KES_CERT_FILE

### Casos de uso: serviço externo

Um exemplo pode ser que você possua um provedor de autenticação externo que você precisa chamar.

Você envia ao serviço um *token* e ele retorna um usuário autenticado.

Este provedor pode cobrar por requisição, e chamá-lo pode levar mais tempo do que se você tivesse um usuário fixo para os testes.

application is in compliance with the licenses of MinIO and all other open-source projects with which your application integrates or interacts. We understand that AGPLv3 licensing is complex and nuanced. It is for that reason we strongly encourage using experts in licensing to make any such determinations around compliance instead of relying on apocryphal or anecdotal advice.

[MinIO Commercial Licensing](https://min.io/pricing) is the best option for applications that trigger AGPLv3 obligations (e.g....