#interceptionMode: REDIRECT
  #
  # Port where Envoy listens (on local host) for admin commands
  # You can exec into the istio-proxy container in a pod and
  # curl the admin port (curl http://localhost:15000/) to obtain
  # diagnostic information from Envoy. See
  # https://lyft.github.io/envoy/docs/operations/admin.html
  # for more details
  proxyAdminPort: 15000
  #
  # Zipkin trace collector
  zipkinAddress: ""

		return config.DefaultHelpPostfix(DefaultKVS, key)
	}

	Help = config.HelpKVS{
		config.HelpKV{
			Key:         URL,
			Description: `[DEPRECATED] OPA HTTP(s) endpoint e.g. "http://localhost:8181/v1/data/httpapi/authz/allow"` + defaultHelpPostfix(URL),
			Type:        "url",
			Sensitive:   true,
		},
		config.HelpKV{
			Key:         AuthToken,

	echo -n "Downloading MinIO client ..."
	wget -O mc https://dl.min.io/client/mc/release/linux-amd64/mc &&
		chmod +x mc
	echo "done"
fi

export MC_HOST_minio1=https://minio:minio123@localhost:9001
export MC_HOST_minio2=https://minio:minio123@localhost:9002

./mc ready minio1 --insecure
./mc ready minio2 --insecure

# Prepare data for tests
echo -n "Preparing test data ..."
mkdir -p /tmp/data

        localhost = new NbtAddress( localName,
                                    localInetAddress.hashCode(),
                                    false,
                                    B_NODE,
                                    false, false, true, false,
                                    UNKNOWN_MAC_ADDRESS );
        cacheAddress( localName, localhost, FOREVER );
    }

```
$ go run docs/sts/web-identity.go -cid account -csec 072e7f00-4289-469c-9ab2-bbe843c7f5a8  -config-ep "http://CASDOOR_ENDPOINT/.well-known/openid-configuration" -port 8888
2018/12/26 17:49:36 listening on http://localhost:8888/
```

This will open the login page of Casdoor, upon successful login, STS credentials along with any buckets discovered using the credentials will be printed on the screen, for example:

```
{
  buckets: [ ],

    @Nested
    protected abstract Property<JavaLauncher> getJavaLauncher();

    @TaskAction
    public void startApplication() {
        System.out.println("serving docs at http://localhost:" + getPort().get());
        DeploymentRegistry registry = getDeploymentRegistry();
        JavaApplicationHandle handle = registry.get(getPath(), JavaApplicationHandle.class);
        if (handle == null) {

        server site1-minio2:9000;
        server site1-minio3:9000;
        server site1-minio4:9000;
    }

    server {
        listen       9001;
        listen  [::]:9001;
        server_name  localhost;

        # To allow special characters in headers
        ignore_invalid_headers off;
        # Allow any size file to be uploaded.
        # Set to a value such as 1000m; to restrict file size to a specific value

        server site2-minio2:9000;
        server site2-minio3:9000;
        server site2-minio4:9000;
    }

    server {
        listen       9002;
        listen  [::]:9002;
        server_name  localhost;

        # To allow special characters in headers
        ignore_invalid_headers off;
        # Allow any size file to be uploaded.
        # Set to a value such as 1000m; to restrict file size to a specific value

		iptablesBuilder.AppendVersionedRule("127.0.0.1/32", "::1/128",
			iptableslog.UndefinedCommand, ChainInpodPrerouting, iptablesconstants.MANGLE,
			"!", "-d", iptablesconstants.IPVersionSpecific, // ignore traffic to localhost ip, as this rule means to catch traffic to pod ip.
			"-p", iptablesconstants.TCP,
			"-i", "lo",
			"-j", "ACCEPT")

		return config.DefaultHelpPostfix(DefaultKVS, key)
	}

	Help = config.HelpKVS{
		config.HelpKV{
			Key:         URL,
			Description: `plugin hook endpoint (HTTP(S)) e.g. "http://localhost:8181/v1/data/httpapi/authz/allow"` + defaultHelpPostfix(URL),
			Type:        "url",
			Sensitive:   true,
		},
		config.HelpKV{
			Key:         AuthToken,