export MC_HOST_siteb=http://minioadmin:minioadmin@127.0.0.1:9004

./mc ready sitea
./mc ready siteb

./mc admin replicate add sitea siteb

./mc admin user add sitea foobar foo12345

./mc admin policy attach sitea/ consoleAdmin --user=foobar

./mc admin user info siteb foobar

killall -9 minio

echo "turning off root access, however site replication must continue"
export MINIO_API_ROOT_ACCESS=off

		HTTPStatusCode: http.StatusBadRequest,
	},
	ErrSTSMalformedPolicyDocument: {
		Code:           "MalformedPolicyDocument",
		Description:    "The request was rejected because the policy document was malformed.",
		HTTPStatusCode: http.StatusBadRequest,
	},
	ErrSTSInsecureConnection: {
		Code:           "InsecureConnection",

}

// TestBucketPolicy - Inserts the bucket policy and verifies it by fetching the policy back.
// Deletes the policy and verifies the deletion by fetching it back.
func (s *TestSuiteCommon) TestBucketPolicy(c *check) {
	// Sample bucket policy.

```

If provided, the auth token parameter is sent as an authorization header.

`MINIO_IDENTITY_PLUGIN_ROLE_POLICY` is a required parameter and can be list of comma separated policy names.

managing how many simultaneous requests you make. Too many simultaneous connections wastes resources; too few harms latency.

For asynchronous calls, [`Dispatcher`](https://square.github.io/okhttp/4.x/okhttp/okhttp3/-dispatcher/) implements policy for maximum simultaneous requests. You can set maximums per-webserver (default is 5), and overall (default is 64)....

			}
		} // regular object/metadata replication
		return rule.MetadataReplicate(obj)
	}
	return false
}

// HasActiveRules - returns whether replication policy has active rules
// Optionally a prefix can be supplied.
// If recursive is specified the function will also return true if any level below the
// prefix has active rules. If no prefix is specified recursive is effectively true.

	_, err = globalIAMSys.PolicyDBSet(ctx, ucreds.AccessKey, "consoleAdmin", regUser, false)
	if err != nil {
		t.Fatalf("unable to attach policy to credential, %s", err)
	}

	time.Sleep(4 * time.Second)

	policies, err := globalIAMSys.PolicyDBGet(ucreds.AccessKey)
	if err != nil {
		t.Fatalf("unable to get policy to credential, %s", err)
	}

	if len(policies) == 0 {
		t.Fatal("no policies found")
	}

                .build());
        options.addOption(Option.builder(STRICT_ARTIFACT_DESCRIPTOR_POLICY)
                .longOpt("strict-artifact-descriptor-policy")
                .hasArg()
                .desc("Defines 'strict' artifact descriptor policy. Supported values are 'true', 'false' (default).")
                .build());
        options.addOption(Option.builder(IGNORE_TRANSITIVE_REPOSITORIES)

##### COMPATIBLE_TLS versions

* TLSv1

[OkHttp 3.11][OkHttp311]
------------------------

_2018-07-12_

Added a new extra strict RESTRICTED_TLS configuration inspired by [Google Cloud’s similar policy][googlecloud_ssl_policy]. It is appropriate when both the host platform
(JVM/Conscrypt/Android) and target webserver are current.

##### RESTRICTED_TLS cipher suites

 * TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

### Security vulnerabilities

Do not report security vulnerabilities to the public issue tracker. Follow our [Security Vulnerability Disclosure Policy](https://github.com/gradle/gradle/security/policy).

### Follow the Code of Conduct

Contributors must follow the Code of Conduct outlined at [https://gradle.org/conduct/](https://gradle.org/conduct/).

### Additional help