* Um parâmetro query.
    * Um header.
    * Um cookie.
* `http`: padrão HTTP de sistemas autenticação, incluindo:
    * `bearer`: um header de `Authorization` com valor de `Bearer` adicionado de um token. Isso é herança do OAuth2.
    * HTTP Basic authentication.
    * HTTP Digest, etc.
* `oauth2`: todas as formas do OAuth2 para lidar com segurança (chamados "fluxos").

    }

    public void test_constructor_withMessageAndCause() {
        // Test constructor with message and Exception cause
        String message = "SSO token validation error";
        Exception cause = new RuntimeException("Invalid token format");
        SsoProcessException exception = new SsoProcessException(message, cause);

        assertEquals(message, exception.getMessage());

        }
        throw new SmbException("ExtendedGSSContext is not implemented by GSSContext");
    }

    @Override
    public byte[] initSecContext(byte[] token, int off, int len) throws SmbException {
        try {
            return this.gssContext.initSecContext(token, off, len);
        } catch (GSSException e) {
            throw new SmbAuthException("GSSAPI mechanism failed", e);
        }
    }

### Anwendungsfälle: Externer Service

Ein Beispiel könnte sein, dass Sie einen externen Authentifizierungsanbieter haben, mit dem Sie sich verbinden müssen.

Sie senden ihm ein Token und er gibt einen authentifizierten Benutzer zurück.

Dieser Anbieter berechnet Ihnen möglicherweise Gebühren pro Anfrage, und der Aufruf könnte etwas länger dauern, als wenn Sie einen vordefinierten Scheinbenutzer für Tests hätten.

### Casos de uso: serviço externo

Um exemplo pode ser que você possua um provedor de autenticação externo que você precisa chamar.

Você envia ao serviço um *token* e ele retorna um usuário autenticado.

Este provedor pode cobrar por requisição, e chamá-lo pode levar mais tempo do que se você tivesse um usuário fixo para os testes.

/**
 * Exception thrown when SSO (Single Sign-On) login operations fail.
 *
 * This exception is used to indicate various SSO authentication failures
 * including configuration errors, authentication token validation failures,
 * communication issues with SSO providers, and other SSO-related problems.
 */
public class SsoLoginException extends FessSystemException {

    /** Serial version UID for serialization compatibility. */

        }
        return roleSet;
    }

    /**
     * Processes the access token.
     * @param request The HTTP request.
     * @param roleSet The set of roles.
     * @param isApiRequest Whether the request is an API request.
     * @return true if the access token is processed, false otherwise.
     */

It might also help avoid confusion for new developers that see an unused parameter in your code and could think it's unnecessary.

///

/// info

In this example we use invented custom headers `X-Key` and `X-Token`.

But in real cases, when implementing security, you would get more benefits from using the integrated [Security utilities (the next chapter)](../security/index.md){.internal-link target=_blank}.

///

 * of SSO authentication and authorization processes. It extends FessSystemException
 * to provide consistent error handling within the Fess system for SSO-related
 * processing failures such as token validation errors, communication failures
 * with SSO providers, or configuration issues.
 */
public class SsoProcessException extends FessSystemException {

    private static final long serialVersionUID = 1L;

          rm -rf ./site
          mkdir ./site
      - uses: actions/download-artifact@v5
        with:
          path: ./site/
          pattern: docs-site-*
          merge-multiple: true
          github-token: ${{ secrets.GITHUB_TOKEN }}
          run-id: ${{ github.event.workflow_run.id }}
      - name: Deploy to Cloudflare Pages
        # hashFiles returns an empty string if there are no files
        if: hashFiles('./site/*')