// Use a fresh context to avoid affecting previous tests
        CIFSContext ctx2 = mock(CIFSContext.class);
        Configuration config2 = mock(Configuration.class);
        Credentials creds2 = mock(Credentials.class);
        NameServiceClient nsc2 = mock(NameServiceClient.class);
        when(ctx2.getConfig()).thenReturn(config2);
        when(ctx2.getCredentials()).thenReturn(creds2);

    private static final long serialVersionUID = 4328214169536360351L;
    /** The NT hash for authentication */
    private final byte[] ntHash;

    /**
     * Create username/password credentials with specified domain
     *
     * @param domain the authentication domain
     * @param username the username
     * @param passwordHash
     *            NT password hash
     */

    /**
     * GCS project ID.
     * Google Cloud project ID for GCS storage.
     */
    @Size(max = 200)
    public String storageProjectId;

    /**
     * Storage credentials file path for GCS.
     * Path to the service account credentials JSON file.
     */
    @Size(max = 1000)
    public String storageCredentialsPath;

            {{- if .Values.etcd.clientCert }}
            - name: MINIO_ETCD_CLIENT_CERT
              value: "/tmp/credentials/etcd_client_cert.pem"
            {{- end }}
            {{- if .Values.etcd.clientCertKey }}
            - name: MINIO_ETCD_CLIENT_CERT_KEY
              value: "/tmp/credentials/etcd_client_cert_key.pem"
            {{- end }}
            {{- if .Values.etcd.pathPrefix }}

    listener.assertFailure("canceled")
  }

  @Test
  fun failureWith401IsReadable() {
    server.enqueue(
      MockResponse(
        code = 401,
        body = "{\"error\":{\"message\":\"No auth credentials found\",\"code\":401}}",
        headers = Headers.headersOf("content-type", "application/json"),
      ),
    )
    server.enqueue(
      MockResponse(
        body =
          """
          |data: hey

// descriptions for all the error responses.
var stsErrCodes = stsErrorCodeMap{
	ErrSTSAccessDenied: {
		Code:           "AccessDenied",
		Description:    "Generating temporary credentials not allowed for this request.",
		HTTPStatusCode: http.StatusForbidden,
	},
	ErrSTSMissingParameter: {
		Code:           "MissingParameter",

                        logger.debug("Using GCS credentials from file: {}", credentialsFile);
                    }
                } catch (final Exception e) {
                    throw new CrawlingAccessException("Failed to load GCS credentials: credentialsFile=" + credentialsFile, e);
                }
            }
            // If no credentials file, GoogleCredentials.getApplicationDefault() will be used automatically

import jcifs.smb1.util.DES;
import jcifs.smb1.util.Encdec;
import jcifs.smb1.util.HMACT64;
import jcifs.smb1.util.LogStream;
import jcifs.smb1.util.MD4;

/**
 * This class stores and encrypts NTLM user credentials. The default
 * credentials are retrieved from the {@code jcifs.smb1.smb1.client.domain},
 * {@code jcifs.smb1.smb1.client.username}, and {@code jcifs.smb1.smb1.client.password}
 * properties.
 * <p>

> password: password

and then click "Grant access"

On the browser now you shall see the list of buckets output, along with your temporary credentials obtained from MinIO.

```
{
 "buckets": [
  "dl.minio.equipment",
  "dl.minio.service-fulfillment",
  "testbucket"
 ],
 "credentials": {
  "AccessKeyID": "Q31CVS1PSCJ4OTK2YVEM",
  "SecretAccessKey": "rmDEOKARqKYmEyjWGhmhLpzcncyu7Jf8aZ9bjDic",

}

func (c *check) mustCreateIAMUser(ctx context.Context, admClnt *madmin.AdminClient) madmin.Credentials {
	c.Helper()
	randUser := mustGetUUID()
	randPass := mustGetUUID()
	err := admClnt.AddUser(ctx, randUser, randPass)
	if err != nil {
		c.Fatalf("should be able to create a user: %v", err)
	}
	return madmin.Credentials{
		AccessKey: randUser,
		SecretKey: randPass,
	}
}