import jcifs.dcerpc.rpc;
import jcifs.smb.SmbException;

/**
 * LSA policy handle for Local Security Authority operations.
 */
public class LsaPolicyHandle extends rpc.policy_handle implements AutoCloseable {

    private final DcerpcHandle handle;
    private boolean opened;

    /**
     * Constructs an LSA policy handle.
     *
     * @param handle the DCERPC handle
     * @param server the server name

}
```

Now you have successfully configured Dex IdP with MinIO.

> NOTE: Dex supports groups with external connectors so you can use `groups` as policy claim instead of `name`.

```
export MINIO_IDENTITY_OPENID_CLAIM_NAME=groups
```

and add relevant policies on MinIO using `mc admin policy create myminio/ <group_name> group-access.json`

## Explore Further

		objRetention.Mode, byPassSet, r, cred, owner)
	if apiErr == ErrAccessDenied {
		return errAuthentication
	}
	return nil
}

// checkPutObjectLockAllowed enforces object retention policy and legal hold policy
// for requests with WORM headers
// See https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-managing.html for the spec.

/**
 * Default conflict resolver.Implements closer newer first policy by default, but could be configured via plexus
 *
 */
@Named
@Singleton
@Deprecated
public class DefaultGraphConflictResolver implements GraphConflictResolver {
    /**
     * artifact, closer to the entry point, is selected
     */
    @Inject
    protected GraphConflictResolutionPolicy policy;

package cmd

import (
	"strings"

	"github.com/minio/minio/internal/bucket/versioning"
	"github.com/minio/minio/internal/logger"
)

// BucketVersioningSys - policy subsystem.
type BucketVersioningSys struct{}

// Enabled enabled versioning?
func (sys *BucketVersioningSys) Enabled(bucket string) bool {
	vc, err := sys.Get(bucket)
	if err != nil {

 * This class implements the LSARPC close handle operation.
 */
public class MsrpcLsarClose extends LsarClose {

    /**
     * Creates a new request to close an LSA policy handle.
     *
     * @param handle the policy handle to close
     */
    public MsrpcLsarClose(final policy_handle handle) {
        super(handle);
        this.ptype = 0;
        this.flags = DCERPC_FIRST_FRAG | DCERPC_LAST_FRAG;
    }

    @Override
    public boolean isUpdateRequired(Artifact artifact, ArtifactRepository repository) {
        File file = artifact.getFile();

        ArtifactRepositoryPolicy policy = artifact.isSnapshot() ? repository.getSnapshots() : repository.getReleases();

        if (!policy.isEnabled()) {
            if (getLogger().isDebugEnabled()) {
                getLogger()

				return ErrNone
			}
		}

		return ErrAccessDenied
	}
	if action == policy.DeleteObjectAction && versionID != "" {
		if !globalIAMSys.IsAllowed(policy.Args{
			AccountName:     cred.AccessKey,
			Groups:          cred.Groups,
			Action:          policy.Action(policy.DeleteObjectVersionAction),
			BucketName:      bucket,
			ConditionValues: getConditionValues(r, "", cred),

import org.apache.logging.log4j.core.config.plugins.PluginFactory;
import org.apache.logging.log4j.core.impl.Log4jLogEvent;

/**
 * Log4j rewrite policy that converts ERROR level log events to WARN level for specified loggers.
 * This policy is useful for downgrading the severity of log events from certain loggers
 * to prevent them from being treated as critical errors.
 */

	defaultHelpPostfix = func(key string) string {
		return config.DefaultHelpPostfix(DefaultKVS, key)
	}

	Help = config.HelpKVS{
		config.HelpKV{
			Key:         browserCSPPolicy,
			Description: `set Content-Security-Policy response header value` + defaultHelpPostfix(browserCSPPolicy),
			Optional:    true,
			Type:        "string",
		},
		config.HelpKV{
			Key:         browserHSTSSeconds,