String server = "testServer";
        int access = 123;

        doThrow(new IOException("Network error")).when(mockDcerpcHandle).sendrecv(any(MsrpcLsarOpenPolicy2.class));

        // Act & Assert
        IOException thrown = assertThrows(IOException.class, () -> {
            new LsaPolicyHandle(mockDcerpcHandle, server, access);
        });

        assertEquals("Network error", thrown.getMessage());

    headers = {
        "Origin": "https://localhost.tiangolo.com",
        "Access-Control-Request-Method": "GET",
        "Access-Control-Request-Headers": "X-Example",
    }
    response = client.options("/", headers=headers)
    assert response.status_code == 200, response.text
    assert response.text == "OK"
    assert (
        response.headers["access-control-allow-origin"]
        == "https://localhost.tiangolo.com"
    )

        // Realm accessors
        assertNull(auth.getRealm());
        auth.setRealm("EXAMPLE.COM");
        assertEquals("EXAMPLE.COM", auth.getRealm());

        // Service accessors
        assertEquals("cifs", auth.getService());
        auth.setService("");
        assertEquals("", auth.getService());

        // Lifetime accessors (edge: zero/negative)
        auth.setUserLifeTime(0);

    /**
     * Indicates whether network access to remote repositories has been disabled.
     *
     * @return {@code true} if remote access has been disabled, {@code false} otherwise.
     */
    @Override
    boolean isOffline();

    /**
     * Enables/disables network access to remote repositories.
     *
     * @param offline {@code true} to disable remote access, {@code false} to allow network access.

                return field.get(this);
            } catch (Exception e) {
                throw new RuntimeException("Failed to get field " + fieldName, e);
            }
        }

        // Accessors for protected state
        int getTotalParameterCount() {
            return totalParameterCount;
        }

        int getTotalDataCount() {
            return totalDataCount;
        }

     * Constructs an LSA policy handle.
     *
     * @param handle the DCERPC handle
     * @param server the server name
     * @param access the access rights
     * @throws IOException if an I/O error occurs
     */
    public LsaPolicyHandle(final DcerpcHandle handle, String server, final int access) throws IOException {
        this.handle = handle;
        if (server == null) {
            server = "\\\\";
        }

    @Size(max = 10000)
    public String token;

    /**
     * The permissions associated with this access token.
     * Defines what operations and resources this token can access.
     */
    @CustomSize(maxKey = "form.admin.max.input.size")
    public String permissions;

    /**
     * The parameter name for the access token.
     * This field specifies how the token should be passed in API requests.

     * @throws FessSystemException if no access token is available
     */
    public String getServerPath() {
        return getSessionManager().getAttribute(Constants.SEARCH_ENGINE_API_ACCESS_TOKEN, String.class)
                .map(token -> ADMIN_SERVER + token)
                .orElseThrow(() -> new FessSystemException("Cannot create an access token."));
    }

    /**

    /**
     * Generate the access token.
     * @return The access token.
     */
    public String generateAccessToken() {
        return RandomStringUtils.random(ComponentUtil.getFessConfig().getApiAccessTokenLengthAsInteger(), 0, 0, true, true, null, random);
    }

    /**
     * Get the access token from the request.
     * @param request The request.
     * @return The access token.
     */

    }

    /**
     * Pre-processes API requests by checking access authorization before executing the action.
     * If access is not allowed, returns an unauthorized error response.
     *
     * @param runtime the action runtime context containing request information
     * @return ActionResponse with unauthorized error if access denied, otherwise delegates to parent
     */
    @Override