private CacheEntry<Map<String, CacheEntry<DfsReferralDataInternal>>> _domains = null; /*
                                                                                           * aka trusted domains cache
                                                                                           */
    private final Object domainsLock = new Object();

	if err != nil || numEntries < 0 || int(2*numEntries) < int(numEntries) {
		return nil, ErrHeader
	}

	// Parse for all member entries.
	// numEntries is trusted after this since feedTokens limits the number of
	// tokens based on maxSpecialFileSize.
	if err := feedTokens(2 * numEntries); err != nil {
		return nil, err
	}
	spd := make(sparseDatas, 0, numEntries)

#### Figure 2 - KMS key hierarchy

```
                                                          CMK (master key)

  public fun noClientAuth() {
    this.clientAuth = CLIENT_AUTH_NONE
  }

  /**
   * Configure the server to [want client auth][SSLSocket.setWantClientAuth]. If the
   * client presents a certificate that is [trusted][TrustManager] the handshake will
   * proceed normally. The connection will also proceed normally if the client presents no
   * certificate at all! But if the client presents an untrusted certificate the handshake

    public static final int ACB_ENC_TXT_PWD_ALLOWED = 2048;
    /** Account control bit flag: Smart card is required for login */
    public static final int ACB_SMARTCARD_REQUIRED = 4096;
    /** Account control bit flag: Account is trusted for delegation */
    public static final int ACB_TRUSTED_FOR_DELEGATION = 8192;
    /** Account control bit flag: Account is not delegated */
    public static final int ACB_NOT_DELEGATED = 16384;

    public static final int ACB_ENC_TXT_PWD_ALLOWED = 2048;
    /** Account control bit flag: Smart card is required for login */
    public static final int ACB_SMARTCARD_REQUIRED = 4096;
    /** Account control bit flag: Account is trusted for delegation */
    public static final int ACB_TRUSTED_FOR_DELEGATION = 8192;
    /** Account control bit flag: Account is not delegated */
    public static final int ACB_NOT_DELEGATED = 16384;

 *       class instead.
 *   <li>If checking an <i>impossible</i> condition (which <i>cannot</i> happen unless your own
 *       class or its <i>trusted</i> dependencies is badly broken), this is what ordinary Java
 *       assertions are for. Note that assertions are not enabled by default; they are essentially
 *       considered "compiled comments."

   * that {@link #get} calls exactly the implementation of {@link AbstractFuture#get}.
   */
  abstract static class TrustedFuture<V extends @Nullable Object> extends FluentFuture<V>
      implements AbstractFuture.Trusted<V> {
    @CanIgnoreReturnValue
    @Override
    @ParametricNullness
    public final V get() throws InterruptedException, ExecutionException {
      return super.get();
    }

    @CanIgnoreReturnValue

If a self-signed certificate is being used, the certificate can be added to MinIO's certificates directory, so it can be trusted by the server.

#### DNS SRV Records

## Previous tools { #previous-tools }

### <a href="https://www.djangoproject.com/" class="external-link" target="_blank">Django</a> { #django }

It's the most popular Python framework and is widely trusted. It is used to build systems like Instagram.