) = apply {
      this.heldCertificate = heldCertificate
      this.intermediates = arrayOf(*intermediates) // Defensive copy.
    }

    /**
     * Add a trusted root certificate to use when authenticating a peer. Peers must provide
     * a chain of certificates whose root is one of these.
     */
    fun addTrustedCertificate(certificate: X509Certificate) =
      apply {

### Authenticate { #authenticate }

Click the "Authorize" button.

Use the credentials:

User: `johndoe`

Password: `secret`

<img src="/img/tutorial/security/image04.png">

After authenticating in the system, you will see it like:

<img src="/img/tutorial/security/image05.png">

### Get your own user data { #get-your-own-user-data }

Now use the operation `GET` with the path `/users/me`.

	return ErrNone
}

// doesSignatureMatch - Verify authorization header with calculated header in accordance with
//   - http://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html
//
// returns ErrNone if signature matches.
func doesSignatureMatch(hashedPayload string, r *http.Request, region string, stype serviceType) APIErrorCode {
	// Copy request.
	req := *r

     * Used when LDAP authentication is enabled.
     */
    @Size(max = 1000)
    public String ldapProviderUrl;

    /**
     * LDAP security principal for binding to the LDAP server.
     * Used for authenticating with the LDAP server.
     */
    @Size(max = 1000)
    public String ldapSecurityPrincipal;

    /**
     * LDAP admin security principal for administrative operations.

              if (response.request.header("Authorization") != null) {
                return null // Give up, we've already attempted to authenticate.
              }

              println("Authenticating for response: $response")
              println("Challenges: ${response.challenges()}")
              val credential = Credentials.basic("jesse", "password1")
              return response.request.newBuilder()

## 3. Multi-Channel Architecture

### 3.1 Channel States
```java
public enum ChannelState {
    DISCONNECTED(0),     // Not connected
    CONNECTING(1),       // Connection in progress
    AUTHENTICATING(2),   // Authentication in progress
    ESTABLISHED(3),      // Ready for use
    BINDING(4),         // Channel binding in progress
    ACTIVE(5),          // Actively transferring data

search_engine.http.url=http://localhost:9201
# Path to SSL certificate authorities for secure HTTP connections.
search_engine.http.ssl.certificate_authorities=
# Username for authenticating to the search engine.
search_engine.username=
# Password for authenticating to the search engine.
search_engine.password=
# Interval (ms) for heartbeat checks to the search engine.
search_engine.heartbeat_interval=10000

 *  Fix: Improve recovery from failed routes.
 *  Fix: Accommodate tunneling proxies that close the connection after an auth
    challenge.
 *  Fix: Use the proxy authenticator when authenticating HTTP proxies. This
    regression was introduced in OkHttp 3.0.
 *  Fix: Fail fast if network interceptors transform the response body such that
    closing it doesn't also close the underlying stream. We had a bug where

- Kube-apiserver: Made sure that when `--requestheader-client-ca-file` and `--client-ca-file` contain overlapping certificates, `--requestheader-allowed-names` must be specified so that regular client certificates cannot set authenticating proxy headers for arbitrary users. ([#131411](https://github.com/kubernetes/kubernetes/pull/131411), [@ballista01](https://github.com/ballista01)) [SIG API Machinery, Auth and Security]

     * comment: Username for authenticating to the search engine.
     * @return The value of found property. (NotNull: if not found, exception but basically no way)
     */
    String getSearchEngineUsername();

    /**
     * Get the value for the key 'search_engine.username' as {@link Integer}. <br>
     * The value is, e.g.  <br>
     * comment: Username for authenticating to the search engine.