logger.warn("User session not found during password change - potential session timeout or security issue");
            return redirect(LoginAction.class);
        }
        final String username = getUserBean().get().getUserId();
        try {
            userService.changePassword(username, form.password);
            saveInfo(messages -> messages.addSuccessChangedPassword(GLOBAL));
        } catch (final Exception e) {

    public void test_getUserId() {
        // Test with normal user
        testUser.setName("testuser");
        assertEquals("testuser", fessUserBean.getUserId());

        // Test with another name
        testUser.setName("admin");
        assertEquals("admin", fessUserBean.getUserId());
    }

    @Test
    public void test_getPermissions() {
        // Test with empty permissions

     */
    public EntraIdCredential(final IAuthenticationResult authResult) {
        this.authResult = authResult;
    }

    @Override
    public String getUserId() {
        return authResult.account().username();
    }

    @Override
    public String toString() {
        return "{" + authResult.account().username() + "}";
    }

    /**

     */
    public void setSessionId(final String sessionId) {
        this.sessionId = sessionId;
    }

    /**
     * Gets the user ID.
     *
     * @return the user ID
     */
    public String getUserId() {
        return userId;
    }

    /**
     * Sets the user ID.
     *
     * @param userId the user ID
     */
    public void setUserId(final String userId) {
        this.userId = userId;

            public void accessDenied(final OptionalThing<FessUserBean> user, final String path) {
                final Map<String, String> log = new LinkedHashMap<>();
                log.put("user", user.map(FessUserBean::getUserId).orElse("-"));
                log.put("path", path);
                capturedLogs.add(log);
            }
        };
    }

        final String userCode = fessConfig.isUserInfo() ? ComponentUtil.getUserInfoHelper().getUserCode() : null;
        final String userId = ComponentUtil.getRequestManager().findUserBean(FessUserBean.class).map(FessUserBean::getUserId).orElse(null);
        final HttpServletRequest request = LaRequestUtil.getOptionalRequest().orElse(null);
        final String clientIp = request != null ? ComponentUtil.getViewHelper().getClientIp(request) : null;

    }

    @Test
    public void test_defaultConstructor() {
        final ChatSession session = new ChatSession();
        assertNotNull(session.getSessionId());
        assertNull(session.getUserId());
        assertNotNull(session.getCreatedAt());
        assertNotNull(session.getLastAccessedAt());
        assertNotNull(session.getMessages());
        assertTrue(session.getMessages().isEmpty());
    }

     *
     * @return The username, or "guest" if not logged in.
     */
    public String getUsername() {
        return getRequestManager().findUserBean(FessUserBean.class).map(FessUserBean::getUserId).orElse(Constants.GUEST_USER);
    }

    /**
     * Gets the request manager.
     *
     * @return The request manager.
     */
    protected RequestManager getRequestManager() {

        if (sessionId != null) {
            final ChatSession session = findSession(sessionId);
            if (session != null) {
                final String sessionUserId = session.getUserId();
                // Validate userId matches - prevent cross-user session access
                if (userId != null && !userId.equals(sessionUserId)) {

            return null;
        });
        getUserBean().ifPresent(u -> {
            if (u.getFessUser() instanceof User && entity.getName().equals(u.getUserId())) {
                throwValidationErrorApi(messages -> messages.addErrorsCouldNotDeleteLoggedInUser(GLOBAL));
            }
        });
        try {
            userService.delete(entity);