protected long getCurrentTime() {
                return System.currentTimeMillis();
            }
        };
        roleQueryHelper.maxAge = 60; // 1 minute

        Set<String> roleSet = new HashSet<>();
        // Create timestamp that's 2 minutes old
        long expiredTimestamp = System.currentTimeMillis() / 1000 - 120;
        String value = expiredTimestamp + "\nrole1,role2";

     * The cache is configured with a maximum size of 100 entries and expires after 10 minutes.
     */
    @PostConstruct
    public void init() {
        if (logger.isDebugEnabled()) {
            logger.debug("Initializing {}", this.getClass().getSimpleName());
        }
        crawlingConfigCache = CacheBuilder.newBuilder().maximumSize(100).expireAfterWrite(10, TimeUnit.MINUTES).build();
    }

    /**

Of course, the attackers would not try all this by hand, they would write a program to do it, possibly with thousands or millions of tests per second. And they would get just one extra correct letter at a time.

But doing that, in some minutes or hours the attackers would have guessed the correct username and password, with the "help" of our application, just using the time taken to answer.

#### Fix it with `secrets.compare_digest()` { #fix-it-with-secrets-compare-digest }

                .maximumSize(fessConfig.getSuggestPopularWordCacheSizeAsInteger().longValue())
                .expireAfterWrite(fessConfig.getSuggestPopularWordCacheExpireAsInteger().longValue(), TimeUnit.MINUTES)
                .build();
    }

    /**
     * Retrieves a list of popular words based on the specified search parameters.
     * Uses caching to improve performance for repeated requests.
     *

        }

        /**
         * Returns the response.
         * @return The response.
         */
        public RESPONSE getResponse() {
            return getResponse(1, TimeUnit.MINUTES);
        }

        /**
         * Returns the response.
         * @param time The time to wait.
         * @param unit The time unit.
         * @return The response.
         */

      require(hour in 0..23)
      require(minute in 0..59)
      require(second in 0..59)

      GregorianCalendar(UTC).apply {
        isLenient = false
        set(Calendar.YEAR, year)
        set(Calendar.MONTH, month - 1)
        set(Calendar.DAY_OF_MONTH, dayOfMonth)
        set(Calendar.HOUR_OF_DAY, hour)
        set(Calendar.MINUTE, minute)
        set(Calendar.SECOND, second)

The returned credentials expiry after a certain period of time that can be configured via `&DurationSeconds=3600`. By default, the STS credentials are valid for 1 hour. The minimum expiration allowed is 15 minutes.

                yamlCompatTestSourceSet.getRuntimeClasspath()
                    // remove the "normal" api and tests
                    .minus(project.files(yamlTestSourceSet.getOutput().getResourcesDir()))
                    .minus(project.files(originalYamlSpecsDir))
                    .minus(project.files(originalYamlTestsDir))
            );
            // run compatibility tests after "normal" tests

Ce faisant, en quelques minutes ou heures, les attaquants devineraient le nom d'utilisateur et le mot de passe corrects, avec « l'aide » de notre application, simplement en se basant sur le temps de réponse.

                        .maximumSize(fessConfig.getSuggestPopularWordCacheSizeAsInteger().longValue())
                        .expireAfterWrite(fessConfig.getSuggestPopularWordCacheExpireAsInteger().longValue(), TimeUnit.MINUTES)
                        .build();
            }
        };
        popularWordHelper.init();
    }

    @Test
    public void test_getCacheKey_allParameters() {
        String seed = "test_seed";