* @return the home drive
     */
    public String getHomeDrive() {
        return this.homeDrive;
    }

    /**
     * Returns the name of the server that authenticated the user.
     * @return the server name
     */
    public String getServerName() {
        return this.serverName;
    }

    /**
     * Returns the user's domain name.

     *
     * @param transport
     *            The SMB transport containing server encryption key
     * @param auth
     *            The NTLM password authenticator containing user credentials
     * @throws SmbException
     *             If there is an error setting up the signing digest
     */

	if err := signRequestV4(req, cred.AccessKey, cred.SecretKey); err != nil {
		t.Fatalf("Unable to initialized new signed http request %s", err)
	}
	return req
}

// Tests is requested authenticated function, tests replies for s3 errors.
func TestIsReqAuthenticated(t *testing.T) {
	ctx, cancel := context.WithCancel(GlobalContext)
	defer cancel()

	objLayer, fsDir, err := prepareFS(ctx)
	if err != nil {

    protected int maxGroupDepth = 10;

    /** Use V2 endpoint. */
    protected boolean useV2Endpoint = true;

    /**
     * Initializes the Entra ID authenticator.
     * Registers this authenticator with the SSO manager and sets up group cache.
     */
    @PostConstruct
    public void init() {
        if (logger.isDebugEnabled()) {

			return
		}

		cred := auth.Credentials{
			AccessKey: claims.AccessKey,
			Claims:    claims.Map(),
			Groups:    groups,
		}

		// For authenticated users apply IAM policy.
		if !globalIAMSys.IsAllowed(policy.Args{
			AccountName:     cred.AccessKey,
			Groups:          cred.Groups,
			Action:          policy.PrometheusAdminAction,

//
// Therefore, an S3 implementation may encrypt an ETag before storing
// it. In this case, the stored ETag may not be a well-formed S3 ETag.
// For example, it can be larger due to a checksum added by authenticated
// encryption schemes. Such an ETag must be decrypted before sent to an
// S3 client.
//
// # S3 Clients
//
// There are many different S3 client implementations. Most of them

		},
	}
)

var errSingleProvider = config.Errorf("Only one OpenID provider can be configured if not using role policy mapping")

// DummyRoleARN is used to indicate that the user associated with it was
// authenticated via policy-claim based OpenID provider.
var DummyRoleARN = func() arn.ARN {
	v, err := arn.NewIAMRoleARN("dummy-internal", "")
	if err != nil {
		panic("should not happen!")
	}
	return v
}()

 * <li>Ensure keys are securely generated and stored</li>
 * <li>For production systems with stringent security requirements, consider using authenticated encryption modes</li>
 * </ul>
 * <p>
 * <strong>Usage Example:</strong>
 * </p>
 * <pre>
 * CachedCipher cipher = new CachedCipher();
 * cipher.setKey("mySecretKey");
 *
 * // Encrypt text

                proxy = new Proxy(Type.HTTP, addr);
                if (StringUtil.isNotBlank(getHttpProxyUsername())) {
                    Authenticator.setDefault(new Authenticator() {
                        @Override
                        protected PasswordAuthentication getPasswordAuthentication() {

	writeSuccessResponseXML(w, encodedSuccessResponse)
}

// ListBucketsHandler - GET Service.
// -----------
// This implementation of the GET operation returns a list of all buckets
// owned by the authenticated sender of the request.
func (api objectAPIHandlers) ListBucketsHandler(w http.ResponseWriter, r *http.Request) {
	ctx := newContext(r, w, "ListBuckets")

	defer logger.AuditLog(ctx, w, r, mustGetClaimsFromToken(r))