HSPLokhttp3/Address;->equalsNonHost$okhttp(Lokhttp3/Address;)Z
HSPLokhttp3/Address;->hashCode()I
HSPLokhttp3/Authenticator$Companion$AuthenticatorNone;-><init>()V
HSPLokhttp3/Authenticator;-><clinit>()V
HSPLokhttp3/Cache;-><init>(Ljava/io/File;J)V

   */
  @Test
  fun duplexWithAuthChallenge() {
    enableProtocol(Protocol.HTTP_2)
    val credential = basic("jesse", "secret")
    client =
      client
        .newBuilder()
        .authenticator(RecordingOkAuthenticator(credential, null))
        .build()
    val body1 =
      MockSocketHandler()
        .sendResponse("please authenticate!\n")
        .requestIOException()
        .exhaustResponse()

- The API server now detects and fails on startup if there are conflicting issuers between JWT authenticators and service account configurations. Previously, such configurations would run but could be inconsistently effective depending on the credential. ([#123561](https://github.com/kubernetes/kubernetes/pull/123561), [@enj](https://github.com/enj))

                proxy = new Proxy(Type.HTTP, addr);
                if (StringUtil.isNotBlank(getHttpProxyUsername())) {
                    Authenticator.setDefault(new Authenticator() {
                        @Override
                        protected PasswordAuthentication getPasswordAuthentication() {

		return
	}

	// It is required that parent user be set.
	if res.Success.User == "" {
		writeSTSErrorResponse(ctx, w, ErrSTSUpstreamError, errors.New("A valid user was not returned by the authenticator."))
		return
	}

	// Expiry is set as minimum of requested value and value allowed by auth
	// plugin.
	expiry := res.Success.MaxValiditySeconds
	if durationParam != "" && requestedDuration < expiry {

* Security/Auth
  * L7 LB controller and disk attach controllers run on master, so nodes do not need those privileges.
  * Setting TLS1.2 minimum
  * `kubectl create secret tls` command
  * Webhook Token Authenticator
  * **beta** PodSecurityPolicy objects limits use of security-sensitive features by pods.
* Kubectl
  * Display line number on JSON errors
  * Add flag -t as shorthand for --tty
* Resources

 */

package jcifs.smb1.http;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.Authenticator;
import java.net.HttpURLConnection;
import java.net.PasswordAuthentication;
import java.net.ProtocolException;
import java.net.URL;
import java.net.URLDecoder;
import java.security.Permission;

package org.apache.maven.wrapper; synchronized class DefaultDownloader$1 extends java.net.Authenticator { void DefaultDownloader$1(DefaultDownloader); protected java.net.PasswordAuthenticati getPasswordAuthentic(); } org/apache/maven/wrapper/DefaultDownloader$SystemPropertiesProx.class package org.apache.maven.wrapper; synchronized class DefaultDownloader$SystemPropertiesProx extends java.net.Authenticator { private void DefaultDownloader$SystemPropertiesProx(); protected java.net.PasswordAuthenticati...

* kube-apiserver: the OpenID Connect authenticator can now verify ID Tokens signed with JOSE algorithms other than RS256 through the --oidc-signing-algs flag. ([#58544](https://github.com/kubernetes/kubernetes/pull/58544), [@ericchiang](https://github.com/ericchiang))

  verbose "Falling back to use Java to download"
  javaSource="$TMP_DOWNLOAD_DIR/Downloader.java"
  targetZip="$TMP_DOWNLOAD_DIR/$distributionUrlName"
  cat >"$javaSource" <<-END
	public class Downloader extends java.net.Authenticator
	{
	  protected java.net.PasswordAuthentication getPasswordAuthentication()
	  {
	    return new java.net.PasswordAuthentication( System.getenv( "MVNW_USERNAME" ), System.getenv( "MVNW_PASSWORD" ).toCharArray() );