<div class="wrapper">
    <jsp:include page="/WEB-INF/view/common/admin/header.jsp"></jsp:include>
    <jsp:include page="/WEB-INF/view/common/admin/sidebar.jsp">
        <jsp:param name="menuCategoryType" value="system"/>
        <jsp:param name="menuType" value="general"/>
    </jsp:include>
    <main class="content-wrapper">
        <div class="content-header">
            <div class="container-fluid">
                <div class="row mb-2">

<img src="/img/tutorial/security/image10.png">

/// note

Notice the header `Authorization`, with a value that starts with `Bearer `.

///

## Advanced usage with `scopes` { #advanced-usage-with-scopes }

OAuth2 has the notion of "scopes".

* o corpo do formulário
* o corpo do arquivo
* o corpo da função

* o parâmetro
* o parâmetro de corpo
* o parâmetro de path
* o parâmetro de query
* o parâmetro de cookie
* o parâmetro de header
* o parâmetro de formulário
* o parâmetro da função

* o evento
* o evento de inicialização
* a inicialização do servidor
* o evento de encerramento
* o evento de lifespan

* o manipulador

        assertTrue(encrypted.length > plaintext.length, "Encrypted message should be larger than plaintext");

        // Verify transform header is present (first 52 bytes)
        assertTrue(encrypted.length >= 52, "Encrypted message should include transform header");

        // When - Decrypt
        byte[] decrypted = context.decryptMessage(encrypted);

        // Then - Verify decryption

tType||t.contentType)&&T.setRequestHeader("Content-Type",v.contentType),T.setRequestHeader("Accept",v.dataTypes[0]&&v.accepts[v.dataTypes[0]]?v.accepts[v.dataTypes[0]]+("*"!==v.dataTypes[0]?", "+zt+"; q=0.01":""):v.accepts["*"]),v.headers)T.setRequestHeader(i,v.headers[i]);if(v.beforeSend&&(!1===v.beforeSend.call(y,T,v)||h))return T.abort();if(u="abort",b.add(v.complete),T.done(v.success),T.fail(v.error),c=Vt(_t,v,t,T)){if(T.readyState=1,g&&m.trigger("ajaxSend",[T,v]),h)return T;v.async&&0<v.tim...

        int bodyOffset = Smb2Constants.SMB2_HEADER_LENGTH;
        int securityBufferOffset = SMBUtil.readInt2(buffer, bodyOffset + 12);

        // The offset should point to the location after the fixed structure (relative to header start)
        int expectedOffset = Smb2Constants.SMB2_HEADER_LENGTH + 24;
        while ((expectedOffset % 8) != 0) {
            expectedOffset++; // Account for pad8
        }

		writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
		return
	}
	globalNotificationSys.SignalConfigReload(subSys)
	// Tell the client that dynamic config was applied.
	w.Header().Set(madmin.ConfigAppliedHeader, madmin.ConfigAppliedTrue)
}

type badConfigErr struct {
	Err error
}

// Error - return the error message
func (bce badConfigErr) Error() string {

FastAPI 已經整合了安全性和身份驗證的功能，但不會強制與特定的資料庫或資料模型進行綁定。

OpenAPI 中定義的安全模式，包括：

* HTTP 基本認證。
* **OAuth2**（也使用 **JWT tokens**）。在 [OAuth2 with JWT](tutorial/security/oauth2-jwt.md) 查看教學。
* API 密鑰，在：
    * 標頭（Header）
    * 查詢參數
    * Cookies，等等。

加上來自 Starlette（包括 **session cookie**）的所有安全特性。

所有的這些都是可重複使用的工具和套件，可以輕鬆與你的系統、資料儲存（Data Stores）、關聯式資料庫（RDBMS）以及非關聯式資料庫（NoSQL）等等整合。

# ========================================================================================
# Framework Default
# =================
# ----------------------------------------------------------
# Lasta Taglib
# ------------
errors.header = <ul class="has-error">
errors.footer = </ul>
errors.prefix = <li><i class="fa fa-exclamation-circle"></i>
errors.suffix = </li>
# ----------------------------------------------------------
# Javax Validator

    }

    /**
     * Encrypt a message using the session's encryption context
     *
     * @param message the message to encrypt
     * @return encrypted message with transform header
     * @throws CIFSException if encryption fails or is not enabled
     */
    public byte[] encryptMessage(byte[] message) throws CIFSException {
        if (this.encryptionContext == null) {