private fun createInsecureTrustManager(): X509TrustManager =
      object : X509TrustManager {
        override fun checkClientTrusted(
          chain: Array<X509Certificate>,
          authType: String,
        ) {}

        override fun checkServerTrusted(
          chain: Array<X509Certificate>,
          authType: String,
        ) {}

        override fun getAcceptedIssuers(): Array<X509Certificate> = arrayOf()

  }

  @Test
  fun interceptor() {
    var interceptor: Interceptor = Interceptor { TODO() }
    interceptor = Interceptor { it: Interceptor.Chain -> TODO() }
  }

  @Test
  fun interceptorChain() {
    val chain: Interceptor.Chain = newInterceptorChain()
  }

  @Test
  fun handshakeCertificates() {
    val handshakeCertificates = HandshakeCertificates.Builder().build()

    inline fun addInterceptor(crossinline block: (chain: Interceptor.Chain) -> Response) =
      addInterceptor(Interceptor { chain -> block(chain) })

    /**
     * Returns a modifiable list of interceptors that observe a single network request and response.
     * These interceptors must call [Interceptor.Chain.proceed] exactly once: it is an error for a

    affinity: {}

    # Custom annotations on pod level, if you need them
    podAnnotations: {}

    # Deploy the config files as plugin chain (value "true") or as standalone files in the conf dir (value "false")?
    # Some k8s flavors (e.g. OpenShift) do not support the chain approach, set to false if this is the case
    chained: true

    # Custom configuration happens based on the CNI provider.

 *    other properties.
 *
 * Certificates are signed by other certificates and a sequence of them is called a certificate
 * chain. The chain terminates in a self-signed "root" certificate. Signing certificates in the
 * middle of the chain are called "intermediates". Organizations that offer certificate signing are
 * called certificate authorities (CAs).
 *

import javax.servlet.http.HttpServletResponse;

public interface WebApiManager {

    boolean matches(HttpServletRequest request);

    void process(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException;

 * ```
 *
 * As expected, this fails with a certificate pinning exception:
 *
 * ```java
 * javax.net.ssl.SSLPeerUnverifiedException: Certificate pinning failure!
 * Peer certificate chain:
 *     sha256/afwiKY3RxoMmLkuRW1l7QsPZTJPwDS2pdDROQjXw8ig=: CN=publicobject.com, OU=PositiveSSL
 *     sha256/klO23nT2ehFDXCfx3eHTDRESMz3asj1muO+4aIdjiuY=: CN=COMODO RSA Secure Server CA

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
 * either express or implied. See the License for the specific language
 * governing permissions and limitations under the License.
 */
package org.codelibs.fess.auth.chain;

import org.codelibs.fess.es.user.exentity.User;
import org.codelibs.fess.util.ComponentUtil;

public class LdapChain implements AuthenticationChain {

    @Override
    public void update(final User user) {

	</component>
	<component name="authenticationManager" class="org.codelibs.fess.auth.AuthenticationManager">
		<!--
		<postConstruct name="addChain">
			<arg>
				<component class="org.codelibs.fess.auth.chain.CommandChain">
					<property name="updateCommand">[
					"/usr/sbin/htpasswd",
					"-b",
					"/tmp/test.txt",
					"$USERNAME",
					"$PASSWORD"
					]</property>
					<property name="deleteCommand">[

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
 * either express or implied. See the License for the specific language
 * governing permissions and limitations under the License.
 */
package org.codelibs.fess.auth.chain;

import org.codelibs.fess.es.user.exentity.User;

public interface AuthenticationChain {

    void update(User user);

    void delete(User user);