To easily try out the feature, run the included demo Access Management Plugin program in this directory:

```sh
go run access-manager-plugin.go
```

This program, lets the admin user perform any action and prevents all other users from performing `s3:Put*` operations.

In another terminal start MinIO:

```sh
export MINIO_CI_CD=1
export MINIO_ROOT_USER=minio
export MINIO_ROOT_PASSWORD=minio123

     * @see jcifs.BufferCache#releaseBuffer(byte[])
     */
    @Override
    public void releaseBuffer(final byte[] buf) {
        if (buf == null) {
            return;
        }
        // better safe than sorry: prevent leaks if there is some out of bound access
        Arrays.fill(buf, (byte) 0);
        synchronized (this.cache) {
            if (this.freeBuffers < this.cache.length) {

    @Override
    public boolean contains(@Nullable Object target) {
      // Overridden to prevent a ton of boxing
      return (target instanceof Boolean)
          && Booleans.indexOf(array, (Boolean) target, start, end) != -1;
    }

    @Override
    public int indexOf(@Nullable Object target) {
      // Overridden to prevent a ton of boxing
      if (target instanceof Boolean) {

    @Override
    public boolean contains(@Nullable Object target) {
      // Overridden to prevent a ton of boxing
      return (target instanceof Boolean)
          && Booleans.indexOf(array, (Boolean) target, start, end) != -1;
    }

    @Override
    public int indexOf(@Nullable Object target) {
      // Overridden to prevent a ton of boxing
      if (target instanceof Boolean) {

        return new EncryptionResult(ciphertext, authTag);
    }

    /**
     * Perform constant-time encryption to prevent timing attacks
     */
    private byte[] performConstantTimeEncryption(Cipher cipher, byte[] message) throws Exception {
        // Pad to fixed block size to prevent timing leaks
        int blockSize = cipher.getBlockSize();
        if (blockSize == 0)
            blockSize = 16; // GCM mode

public final class WebApiUtil {

    /**
     * Request attribute key for storing web API exceptions.
     */
    private static final String WEB_API_EXCEPTION = "webApiException";

    /**
     * Private constructor to prevent instantiation.
     */
    private WebApiUtil() {
    }

    /**
     * Sets an object in the current request attributes.
     *
     * @param name The attribute name
     * @param value The attribute value

     */
    @ValidateTypeFailure
    public Long updatedTime;

    /**
     * The version number of the access token for optimistic locking.
     * This field is required to prevent concurrent modification conflicts
     * by ensuring the token hasn't been modified by another process.
     */
    @Required
    @ValidateTypeFailure
    public Integer versionNo;

     */
    @ValidateTypeFailure
    public Long updatedTime;

    /**
     * The version number of the bad word entry for optimistic locking.
     * This field is required to prevent concurrent modification conflicts
     * by ensuring the entry hasn't been modified by another process.
     */
    @Required
    @ValidateTypeFailure
    public Long versionNo;

     */
    @ValidateTypeFailure
    public Long updatedTime;

    /**
     * The version number of the boost document configuration for optimistic locking.
     * This field is required to prevent concurrent modification conflicts
     * by ensuring the configuration hasn't been modified by another process.
     */
    @Required
    @ValidateTypeFailure
    public Integer versionNo;

     */
    @ValidateTypeFailure
    public Long updatedTime;

    /**
     * The version number of the file authentication configuration for optimistic locking.
     * This field is required to prevent concurrent modification conflicts
     * by ensuring the configuration hasn't been modified by another process.
     */
    @Required
    @ValidateTypeFailure
    public Integer versionNo;