@get:JvmName("peerPrincipal")
  val peerPrincipal: Principal?
    get() = (peerCertificates.firstOrNull() as? X509Certificate)?.subjectX500Principal

  @JvmName("-deprecated_peerPrincipal")
  @Deprecated(
    message = "moved to val",
    replaceWith = ReplaceWith(expression = "peerPrincipal"),
    level = DeprecationLevel.ERROR,
  )
  fun peerPrincipal(): Principal? = peerPrincipal

  @JvmName("-deprecated_localCertificates")

 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 * License for the specific language governing permissions and limitations under
 * the License.
 */
package okhttp3

import java.security.Principal
import java.security.cert.Certificate
import javax.net.ssl.SSLPeerUnverifiedException
import javax.net.ssl.SSLSession
import javax.net.ssl.SSLSessionContext
import javax.security.cert.X509Certificate

  override fun getPeerCertificateChain(): Array<X509Certificate> = delegate!!.peerCertificateChain

  @Throws(SSLPeerUnverifiedException::class)
  override fun getPeerPrincipal(): Principal = delegate!!.peerPrincipal

  override fun getLocalPrincipal(): Principal = delegate!!.localPrincipal

  override fun getCipherSuite(): String = delegate!!.cipherSuite

  override fun getProtocol(): String = delegate!!.protocol

E é possível que para o seu caso de uso, a solução está em uma delas.

///

## Leia o Tutorial primeiro { #read-the-tutorial-first }

As próximas seções pressupõem que você já leu o principal [Tutorial - Guia de Usuário: Segurança](../../tutorial/security/index.md){.internal-link target=_blank}.

    /** The Kerberos subject for authentication */
    private Subject subject = null;
    /** The user principal name */
    private String user = null;
    /** The Kerberos realm */
    private String realm = null;
    /** The service principal name */
    private String service = DEFAULT_SERVICE;
    /** The user credential lifetime */
    private int userLifetime = GSSCredential.DEFAULT_LIFETIME;

bucketPolicyTemplate := `{"Version":"2012-10-17","Statement":[{"Sid":"","Effect":"Allow","Principal":{"AWS":["*"]},"Action":["s3:GetBucketLocation","s3:ListBucket"],"Resource":["arn:aws:s3:::%s"]},{"Sid":"","Effect":"Allow","Principal":{"AWS":["*"]},"Action":["s3:GetObject"],"Resource":["arn:aws:s3:::%s/this*"]}]}`

	bucketPolicyTemplateWithoutVersion := `{"Version":"","Statement":[{"Sid":"","Effect":"Allow","Principal":{"AWS":["*"]},"Action":["s3:GetBucketLocation","s3:ListBucket"],"Resource":["...

            return ((DcerpcPipeHandle) this).pipe.getServer();
        }
        return null;
    }

    /**
     * Gets the principal associated with this handle
     * @return the principal or null if not authenticated
     */
    public Principal getPrincipal() {
        if (this instanceof DcerpcPipeHandle) {
            return ((DcerpcPipeHandle) this).pipe.getPrincipal();
        }

{
   "Version":"2012-10-17",
   "Id":"PutObjectPolicy1",
   "Statement":[{
         "Sid":"DenyObjectsWithInvalidSSEKMS",
         "Effect":"Deny",
         "Principal":"*",
         "Action":"s3:PutObject",
         "Resource":"arn:aws:s3:::multi-key-poc/*",
         "Condition":{
            "StringNotEquals":{
               "s3:x-amz-server-side-encryption-aws-kms-key-id":"minio-default-key"
            }
         }
      }
   ]

                }
            }
        }
    }
}
```

## Media types adicionais para o retorno principal { #additional-media-types-for-the-main-response }

Você pode utilizar o mesmo parâmetro `responses` para adicionar diferentes media types para o mesmo retorno principal.

var errSftpPublicKeyWithoutCert = errors.New("public key authentication without certificate is not accepted")

// error returned in SFTP when user used certificate which does not contain principal(s)
var errSftpCertWithoutPrincipals = errors.New("certificates without principal(s) are not accepted")

// error returned when group name contains reserved characters