*    has since been closed by the server.
   *  * A client timeout (HTTP 408).
   *  * A authorization challenge (HTTP 401 and 407) that is satisfied by the [Authenticator].
   *  * A retryable server failure (HTTP 503 with a `Retry-After: 0` response header).
   *  * A misdirected request (HTTP 421) on a coalesced connection.
   */
  open fun isOneShot(): Boolean = false

  /**

                .orElseThrow(() -> new FessSystemException("Cannot create an access token."));
    }

    /**
     * Generates and saves a new access token for the current session.
     * The token is used to authenticate API requests.
     */
    public void saveToken() {
        getSessionManager().setAttribute(Constants.SEARCH_ENGINE_API_ACCESS_TOKEN, UUID.randomUUID().toString().replace("-", ""));
    }

     * 13.5.1.
     */
    private fun isEndToEnd(fieldName: String): Boolean =
      !"Connection".equals(fieldName, ignoreCase = true) &&
        !"Keep-Alive".equals(fieldName, ignoreCase = true) &&
        !"Proxy-Authenticate".equals(fieldName, ignoreCase = true) &&
        !"Proxy-Authorization".equals(fieldName, ignoreCase = true) &&
        !"TE".equals(fieldName, ignoreCase = true) &&
        !"Trailers".equals(fieldName, ignoreCase = true) &&

### Enable Keycloak Admin REST API support

Before being able to authenticate against the Admin REST API using a client_id and a client_secret you need to make sure the client is configured as it follows:

- `account` client_id is a confidential client that belongs to the realm `{realm}`

				fmt.Errorf("None of the given policies (`%s`) are defined, credentials will not be generated", policyName))
			return
		}
	}

	res, err := authn.Authenticate(roleArn, token)
	if err != nil {
		writeSTSErrorResponse(ctx, w, ErrSTSInvalidParameterValue, err)
		return
	}

	// If authentication failed, return the error message to the user.

	_, err = sshPubKeyAuth(newSSHCon, testKey)
	if err != nil {
		c.Fatalf("expected no error but got(%s)", err)
	}
}

// A user without an sshpubkey attribute in LDAP (here: fahim) should not be
// able to authenticate.
func (s *TestSuiteIAM) SFTPPublicKeyAuthNoPubKey(c *check) {
	keyBytes, err := os.ReadFile("./testdata/dillon_test_key.pub")
	if err != nil {
		c.Fatalf("could not read test key file: %s", err)
	}

  verbose "Falling back to use Java to download"
  javaSource="$TMP_DOWNLOAD_DIR/Downloader.java"
  targetZip="$TMP_DOWNLOAD_DIR/$distributionUrlName"
  cat >"$javaSource" <<-END
	public class Downloader extends java.net.Authenticator
	{
	  protected java.net.PasswordAuthentication getPasswordAuthentication()
	  {
	    return new java.net.PasswordAuthentication( System.getenv( "MVNW_USERNAME" ), System.getenv( "MVNW_PASSWORD" ).toCharArray() );

     *
     * @param transport
     *            The SMB transport containing server encryption key
     * @param auth
     *            The NTLM password authenticator containing user credentials
     * @throws SmbException
     *             If there is an error setting up the signing digest
     */

     |
    <server>
      <id>deploymentRepo</id>
      <username>repouser</username>
      <password>repopwd</password>
    </server>
    -->

    <!-- Another sample, using keys to authenticate.
    <server>
      <id>siteServer</id>
      <privateKey>/path/to/private/key</privateKey>
      <passphrase>optional; leave empty if not used.</passphrase>
    </server>
    -->
  </servers>

    protected int maxGroupDepth = 10;

    /** Use V2 endpoint. */
    protected boolean useV2Endpoint = true;

    /**
     * Initializes the Entra ID authenticator.
     * Registers this authenticator with the SSO manager and sets up group cache.
     */
    @PostConstruct
    public void init() {
        if (logger.isDebugEnabled()) {