<description>
            The username used to authenticate.
          </description>
          <type>String</type>
        </field>
        <field>
          <name>password</name>
          <version>1.0.0+</version>
          <description>
            The password used in conjunction with the username to authenticate.
          </description>
          <type>String</type>
        </field>

		fmt.Println("AccessKeyID:", v.AccessKeyID)
		fmt.Println("SecretAccessKey:", v.SecretAccessKey)
		fmt.Println("SessionToken:", v.SessionToken)
		return
	}

	// Use generated credentials to authenticate with MinIO server
	stsEndpointURL, err := url.Parse(stsEndpoint)
	if err != nil {
		log.Fatalf("Error parsing sts endpoint: %v", err)
	}
	copts := &minio.Options{
		Creds:  li,

def test_security_oauth2_password_bearer_no_header():
    response = client.get("/users/me")
    assert response.status_code == 401, response.text
    assert response.json() == {"detail": "Not authenticated"}
    assert response.headers["WWW-Authenticate"] == "Bearer"


def test_strict_login_no_data():
    response = client.post("/login")
    assert response.status_code == 422
    assert response.json() == {
        "detail": [

	if err != nil {
		log.Fatalln(err)
	}

	err = madmClnt.ServiceRestart(context.Background())
	if err != nil {
		log.Fatalln(err)
	}

	// Use generated credentials to authenticate with MinIO server
	minioClient, err := minio.New(stsEndpointURL.Host, opts)
	if err != nil {
		log.Fatalf("Error initializing client: %v", err)
	}

	// Use minIO Client object normally like the regular client.

# HTTP Basic 認証 { #http-basic-auth }

最もシンプルなケースでは、HTTP Basic 認証を利用できます。

HTTP Basic 認証では、アプリケーションはユーザー名とパスワードを含むヘッダーを期待します。

それを受け取れない場合、HTTP 401 "Unauthorized" エラーを返します。

そして、値が `Basic` のヘッダー `WWW-Authenticate` を、任意の `realm` パラメータとともに返します。

これにより、ブラウザは組み込みのユーザー名とパスワード入力プロンプトを表示します。

その後、そのユーザー名とパスワードを入力すると、ブラウザはそれらをヘッダーに自動的に付与して送信します。

## シンプルな HTTP Basic 認証 { #simple-http-basic-auth }

        if (authenticator != null && fessConfig.getSystemPropertyAsBoolean(SPNEGO_INITIALIZED, false)) {
            return authenticator;
        }
        try {
            // set some System properties
            final SpnegoFilterConfig config = SpnegoFilterConfig.getInstance(new SpnegoConfig());

            // pre-authenticate
            authenticator = new org.codelibs.spnego.SpnegoAuthenticator(config);

                ;
            }
        }
        String authHeader;
        if (response == HTTP_UNAUTHORIZED) {
            authHeader = "WWW-Authenticate";
            authProperty = "Authorization";
        } else {
            authHeader = "Proxy-Authenticate";
            authProperty = "Proxy-Authorization";
        }
        String authorization = null;

///

Create a utility function to hash a password coming from the user.

And another utility to verify if a received password matches the hash stored.

And another one to authenticate and return a user.

{* ../../docs_src/security/tutorial004_an_py310.py hl[8,49,51,58:59,62:63,72:79] *}

They will be checked independently for each *path operation*.

## Check it { #check-it }

If you open the API docs, you can authenticate and specify which scopes you want to authorize.

<img src="/img/tutorial/security/image11.png">

    /**
     * Create an NtlmPasswordAuthentication object from domain, username, and password.
     *
     * @param domain the authentication domain
     * @param username the username to authenticate with
     * @param password the password to authenticate with
     */
    public NtlmPasswordAuthentication(String domain, String username, final String password) {
        int ci;

        if (username != null) {