* specific language governing permissions and limitations
 * under the License.
 */
package org.apache.maven.classrealm;

import java.io.File;

/**
 * Describes a constituent of a class realm.
 *
 */
public interface ClassRealmConstituent {

    /**
     * Gets the group id of the constituent's artifact.
     *
     * @return The group id, never {@code null}.
     */
    String getGroupId();

        // Create a minimal filter config that won't try to connect to a real server
        Map<String, String> initParams = new HashMap<>();
        initParams.put("jcifs.smb.client.domain", "TEST_DOMAIN");
        // Don't set domainController to avoid real connection attempts
        initParams.put("jcifs.http.loadBalance", "false");
        initParams.put("jcifs.http.enableBasic", "false");

    public void setInheritedByDefault(boolean inheritedByDefault) {
        this.inheritedByDefault = inheritedByDefault;
    }

    /**
     * Gets the artifacts that make up the plugin's class realm, excluding artifacts shadowed by the Maven core realm
     * like {@code maven-project}.
     *
     * @return The plugin artifacts, never {@code null}.
     */
    public List<Artifact> getArtifacts() {
        return artifacts;
    }

If it doesn't receive it, it returns an HTTP 401 "Unauthorized" error.

And returns a header `WWW-Authenticate` with a value of `Basic`, and an optional `realm` parameter.

That tells the browser to show the integrated prompt for a username and password.

Then, when you type that username and password, the browser sends them in the header automatically.

# HTTP 基础授权 { #http-basic-auth }

最简单的用例是使用 HTTP 基础授权（HTTP Basic Auth）。

在 HTTP 基础授权中，应用需要请求头包含用户名与密码。

如果没有接收到 HTTP 基础授权，就返回 HTTP 401 `"Unauthorized"` 错误。

并返回响应头 `WWW-Authenticate`，其值为 `Basic`，以及可选的 `realm` 参数。

HTTP 基础授权让浏览器显示内置的用户名与密码提示。

输入用户名与密码后，浏览器会把它们自动发送至请求头。

## 简单的 HTTP 基础授权 { #simple-http-basic-auth }

* 导入 `HTTPBasic` 与 `HTTPBasicCredentials`
* 使用 `HTTPBasic` 创建**安全方案**
* 在*路径操作*的依赖项中使用 `security`

            "WWW-Authenticate",
            "Basic realm=\"protected area\", charset=\"UTF-8\"",
          ),
        body = "Please authenticate with UTF-8.",
      ),
    )
    server.enqueue(
      MockResponse(
        code = 401,
        headers =
          headersOf(
            "WWW-Authenticate",
            "Basic realm=\"protected area\"",
          ),

  @Test @Disabled
  fun challenge() {
    val challenge = Challenge("", mapOf("" to ""))
    val scheme: String = challenge.scheme()
    val authParams: Map<String?, String> = challenge.authParams()
    val realm: String? = challenge.realm()
    val charset: Charset = challenge.charset()
  }

  @Test @Disabled
  fun cipherSuite() {
    val cipherSuite: CipherSuite = CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

# HTTP 基本認證 { #http-basic-auth }

在最簡單的情況下，你可以使用 HTTP Basic 認證。

在 HTTP Basic 認證中，應用程式會期待一個包含使用者名稱與密碼的標頭。

如果沒有接收到，會回傳 HTTP 401「Unauthorized」錯誤。

並回傳一個 `WWW-Authenticate` 標頭，其值為 `Basic`，以及可選的 `realm` 參數。

這會告訴瀏覽器顯示內建的使用者名稱與密碼提示視窗。

接著，當你輸入該使用者名稱與密碼時，瀏覽器會自動在標頭中送出它們。

## 簡單的 HTTP 基本認證 { #simple-http-basic-auth }

- 匯入 `HTTPBasic` 與 `HTTPBasicCredentials`。
- 使用 `HTTPBasic` 建立一個「`security` scheme」。
- 在你的*路徑操作*中以依賴的方式使用該 `security`。

        }

        final WebAuthenticationConfig config = new WebAuthenticationConfig();

        // host/port/realm: only set if not blank (null means "any" - AuthScope.ANY equivalent)
        if (StringUtil.isNotBlank(getHostname())) {
            config.setHost(getHostname());
        }
        if (getPort() != null) {

 * get proper ticket caching.
 *
 * Be advised that short/NetBIOS name usage is not supported with this authenticator. Always specify full FQDNs/Realm.
 * This can be a problem if using DFS in it's default configuration as that still returns referrals in short form.
 * See <a href="https://support.microsoft.com/en-us/kb/244380">KB-244380</a> for compatible server configuration.