* modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *

specifying a version).After replication syncs the delete marker on the target, the DeleteMarker on the target shows `X-Amz-Replication-Status` of `REPLICA`. The status of DeleteMarker replication is returned by `X-Minio-Replication-DeleteMarker-Status` header on `HEAD/GET` calls for the delete marker version in question - i.e with `mc stat --version-id dm-version-id`

It must be noted that if active-active replication is set up with delete marker replication, there is potential for duplicate delete...

    /** The path of the HTML: /footer.jsp */
    HtmlNext path_FooterJsp = new HtmlNext("/footer.jsp");

    /** The path of the HTML: /header.jsp */
    HtmlNext path_HeaderJsp = new HtmlNext("/header.jsp");

    /** The path of the HTML: /help.jsp */
    HtmlNext path_HelpJsp = new HtmlNext("/help.jsp");

    /** The path of the HTML: /index.jsp */

marker replication can be viewed by doing a GET/HEAD on the object version - it will return a `X-Minio-Replication-DeleteMarker-Status` header and http response code of `405`. In the case of permanent deletes, if the delete replication is pending or failed to propagate to the target cluster, GET/HEAD will return additional `X-Minio-Replication-Delete-Status` header and a http response code of `405`.

![delete](https://raw.githubusercontent.com/minio/minio/master/docs/bucket/replication/D...

  "token_type": "Bearer",
  "expires_in": 3600
}
```

### 4. JWT Claims

The id_token received is a signed JSON Web Token (JWT). Use a JWT decoder to decode the id_token to access the payload of the token that includes following JWT claims:

          # The "digest" that allows us to pull an image is not the digest as
          # returned by the API, but a sha256sum of the entire chunk of image
          # metadata. gcr.io helpfully includes it in the header of the response
          # as docker-content-digest: sha256:[digest]. Note we use egrep to
          # match exactly sha256:<hash> because curl may include a ^M symbol at
          # the end of the line.

          </models>
        </configuration>
        <executions>
          <execution>
            <id>modello</id>
            <goals>
              <goal>java</goal>
              <goal>xpp3-reader</goal>
              <goal>xpp3-writer</goal>
            </goals>
          </execution>
        </executions>
      </plugin>
    </plugins>
  </build>

    "path": "platforms/core-configuration/graph-serialization",
    "unitTests": false,
    "functionalTests": false,
    "crossVersionTests": false
  },
  {
    "name": "groovy-loader",
    "path": "platforms/core-runtime/groovy-loader",
    "unitTests": false,
    "functionalTests": false,
    "crossVersionTests": false
  },
  {
    "name": "guava-serialization-codecs",

     */
    private byte[] createValidSecurityDescriptorBuffer(int size) {
        ByteBuffer buffer = ByteBuffer.allocate(size);
        buffer.order(ByteOrder.LITTLE_ENDIAN);

        // Security descriptor header
        buffer.put((byte) 0x01); // Revision
        buffer.put((byte) 0x00); // Padding
        buffer.putShort((short) 0x8004); // Control flags (SE_DACL_PRESENT | SE_SELF_RELATIVE)

                if (blobObj == null) {
                    throw new IOException("Object not found: bucket=" + bucketName + ", object=" + objectName);
                }
                return Channels.newInputStream(blobObj.reader());
            } catch (final IOException e) {
                throw e;
            } catch (final Exception e) {
                throw new IOException("Failed to access " + url, e);
            }
        }