func (l *Config) LookupUserDN(username string) (*xldap.DNSearchResult, []string, error) {
	conn, err := l.LDAP.Connect()
	if err != nil {
		return nil, nil, err
	}
	defer conn.Close()

	// Bind to the lookup user account
	if err = l.LDAP.LookupBind(conn); err != nil {
		return nil, nil, err
	}

	// Lookup user DN
	lookupRes, err := l.LDAP.LookupUsername(conn, username)
	if err != nil {

       */
      KeyList<K, V> keyList = requireNonNull(keyToKeyList.remove(node.getKey()));
      keyList.count = 0;
      modCount++;
    } else {
      // requireNonNull is safe (under the conditions listed in the comment in the branch above).
      KeyList<K, V> keyList = requireNonNull(keyToKeyList.get(node.getKey()));
      keyList.count--;

      if (node.previousSibling == null) {

    public SimpleStatsCounter() {}

    /**
     * @since 11.0
     */
    @Override
    public void recordHits(int count) {
      hitCount.add(count);
    }

    /**
     * @since 11.0
     */
    @Override
    public void recordMisses(int count) {
      missCount.add(count);
    }

    @SuppressWarnings("GoodTime") // b/122668874
    @Override

	reqMap := make(map[string]interface{})
	err = json.Unmarshal(body, &reqMap)
	if err != nil {
		writeErrorResponse(w, err)
		return
	}

	m := reqMap["input"].(map[string]interface{})
	accountValue := m["account"].(string)
	actionValue := m["action"].(string)

	// Allow user `minio` to perform any action.
	var res Result
	if accountValue == "minio" {
		res.Result = true
	} else {

    return user


@app.get("/users/me")
def read_current_user(current_user: User | None = Depends(get_current_user)):
    if current_user is None:
        return {"msg": "Create an account first"}
    return current_user


client = TestClient(app)


def test_security_api_key():
    response = client.get("/users/me", headers={"key": "secret"})
    assert response.status_code == 200, response.text

	}

	// As the session policy exists, even if the parent is the root account, it
	// must be restricted by it. So, we set `.IsOwner` to false here
	// unconditionally.
	//
	// We also set `DenyOnly` arg to false here - this is an IMPORTANT corner
	// case: DenyOnly is used only for allowing an account to do actions related
	// to its own account (like create service accounts for itself, among

}

// AddServiceAccount - add a new service account
func (store *IAMStoreSys) AddServiceAccount(ctx context.Context, cred auth.Credentials) (updatedAt time.Time, err error) {
	cache := store.lock()
	defer store.unlock()

	accessKey := cred.AccessKey
	parentUser := cred.ParentUser

	// Found newly requested service account, to be an existing account -

./mc ls rootsvc
if [ $? -ne 0 ]; then
	echo "root service account not inherited root permissions, exiting.."
	exit_1
fi

./mc admin user svcacct info minio1 testsvc
if [ $? -ne 0 ]; then
	echo "svc account not mirrored, exiting.."
	exit_1
fi

./mc admin user svcacct info minio2 testsvc
if [ $? -ne 0 ]; then
	echo "svc account not mirrored, exiting.."
	exit_1
fi

security = HTTPBasic(auto_error=False)


@app.get("/users/me")
def read_current_user(credentials: HTTPBasicCredentials | None = Security(security)):
    if credentials is None:
        return {"msg": "Create an account first"}
    return {"username": credentials.username, "password": credentials.password}


client = TestClient(app)


def test_security_http_basic():
    response = client.get("/users/me", auth=("john", "secret"))

    public SimpleStatsCounter() {}

    /**
     * @since 11.0
     */
    @Override
    public void recordHits(int count) {
      hitCount.add(count);
    }

    /**
     * @since 11.0
     */
    @Override
    public void recordMisses(int count) {
      missCount.add(count);
    }

    @SuppressWarnings("GoodTime") // b/122668874
    @Override