# Directory Leasing Feature - Detailed Design Document

## 1. Overview

Directory leasing extends the SMB3 lease concept to directories, enabling client-side caching of directory metadata and change notifications. This significantly improves performance for applications that frequently enumerate directories or monitor directory changes.

## 2. Protocol Specification Reference

- **MS-SMB2 Section 2.2.13.2.12**: SMB2_CREATE_REQUEST_LEASE_V2 for directories

		},
		config.HelpKV{
			Key:         config.BatchSubSys,
			Description: "manage batch job workers and wait times",
		},
		config.HelpKV{
			Key:         config.CompressionSubSys,
			Description: "enable server side compression of objects",
		},
		config.HelpKV{
			Key:             config.IdentityOpenIDSubSys,
			Description:     "enable OpenID SSO support",
			MultipleTargets: true,
		},
		config.HelpKV{

- For `kubectl`, `--server-side` now migrates ownership of all fields used by client-side-apply to the specified `--fieldmanager`. This prevents fields previously specified using kubectl from being able to live outside of server-side-apply's management and become undeleteable. ([#112905](https://github.com/kubernetes/kubernetes/pull/112905), [@alexzielenski](https://github.com/alexzielenski))...

situation, the server prints a role ARN at startup that must be specified as a `RoleArn` API request parameter in the STS AssumeRoleWithWebIdentity API call. When using Role Policies, multiple OpenID providers and/or client applications (with unique client IDs) may be configured with independent role policies. Each configuration is assigned a unique RoleARN by the MinIO server and this is used to select the policies to apply to temporary credentials generated in the AssumeRoleWithWebIdentity call.

2....

        // Important to null this out here - if we did *not* execute inline, we might still
        // run() on the same thread that called execute() - such as in a thread pool, and think
        // that it was happening inline. As a side benefit, avoids holding on to the Thread object
        // longer than necessary.
        submitting = null;
      }
    }

    @SuppressWarnings("ShortCircuitBoolean")
    @Override
    public void run() {

    public static final String MAVEN_LOGGER_CACHE_OUTPUT_STREAM = MAVEN_LOGGER_PREFIX + "cacheOutputStream";

    /**
     * maven.logger.log.a.b.c - Logging detail level for a SimpleLogger instance named "a.b.c". Right-side value
     * must be one of "trace", "debug", "info", "warn", "error" or "off". When a logger named "a.b.c" is initialized,

Al agregar una estrella, otros usuarios podrán encontrarlo más fácilmente y ver que ya ha sido útil para otros.

## Observa el repositorio de GitHub para lanzamientos

	// secret keys and generate an entirely new claim by essentially
	// hijacking the policies. We need to make sure that this is
	// based on admin credential such that token cannot be decoded
	// on the client side and is treated like an opaque value.
	claims, err := auth.ExtractClaims(token, secret)
	if err != nil {
		if subtle.ConstantTimeCompare([]byte(secret), []byte(globalActiveCred.SecretKey)) == 1 {

 * will return {@code true} for many domains which (currently) are not hosts, such as {@code "com"},
 * but given that any public suffix may become a host without warning, it is better to err on the
 * side of permissiveness and thus avoid spurious rejection of valid sites. Of course, to actually
 * determine addressability of any host, clients of this class will need to perform their own DNS
 * lookups.
 *

     * Gets whether witness protocol support is enabled.
     *
     * @return true if witness is enabled
     */
    boolean isUseWitness();

    /**
     * @return whether to use SMB3 leases for client-side caching
     */
    boolean isUseLeases();

    /**
     * @return timeout for persistent handles in milliseconds
     */
    long getPersistentHandleTimeout();

    /**