makePolicyJob: securityContext: enabled: false runAsUser: 1000 runAsGroup: 1000 resources: requests: memory: 128Mi # Command to run after the main command on exit exitCommand: "" ## List of users to be created after minio install ## users: ## Username, password and policy to be assigned to the user ## Default policies are [readonly|readwrite|writeonly|consoleAdmin|diagnostics] ## Add new policies as explained here https://min.io/docs/minio/kubernetes/upstream/administration/identity-access-management.h...

makePolicyJob: securityContext: enabled: false runAsUser: 1000 runAsGroup: 1000 resources: requests: memory: 128Mi # Command to run after the main command on exit exitCommand: "" ## List of users to be created after minio install ## users: ## Username, password and policy to be assigned to the user ## Default policies are [readonly|readwrite|writeonly|consoleAdmin|diagnostics] ## Add new policies as explained here https://min.io/docs/minio/kubernetes/upstream/administration/identity-access-management.h...

makePolicyJob: securityContext: enabled: false runAsUser: 1000 runAsGroup: 1000 resources: requests: memory: 128Mi # Command to run after the main command on exit exitCommand: "" ## List of users to be created after minio install ## users: ## Username, password and policy to be assigned to the user ## Default policies are [readonly|readwrite|writeonly|consoleAdmin|diagnostics] ## Add new policies as explained here https://min.io/docs/minio/kubernetes/upstream/administration/identity-access-management.h...

而所有這些上千個*路徑操作*都可以小到只要 3 行：

{* ../../docs_src/security/tutorial002_an_py310.py hl[30:32] *}

## 回顧 { #recap }

現在你可以在*路徑操作函式*中直接取得目前使用者。

我們已經完成一半了。

我們只需要再新增一個*路徑操作*，讓使用者/用戶端實際送出 `username` 與 `password`。

            result.setName(DfTypeUtil.toString(source.get("name")));
            result.setPager(DfTypeUtil.toString(source.get("pager")));
            result.setPassword(DfTypeUtil.toString(source.get("password")));
            result.setPhysicalDeliveryOfficeName(DfTypeUtil.toString(source.get("physicalDeliveryOfficeName")));
            result.setPostOfficeBox(DfTypeUtil.toString(source.get("postOfficeBox")));

            result.setHostname(DfTypeUtil.toString(source.get("hostname")));
            result.setParameters(DfTypeUtil.toString(source.get("parameters")));
            result.setPassword(DfTypeUtil.toString(source.get("password")));
            result.setPort(DfTypeUtil.toInteger(source.get("port")));
            result.setProtocolScheme(DfTypeUtil.toString(source.get("protocolScheme")));

requests: memory: 128Mi nodeSelector: {} tolerations: [] affinity: {} extraVolumes: [] extraVolumeMounts: [] # Command to run after the main command on exit exitCommand: "" ## List of users to be created after minio install ## users: ## Username, password and policy to be assigned to the user ## Default policies are [readonly|readwrite|writeonly|consoleAdmin|diagnostics] ## Add new policies as explained here https://docs.min.io/docs/minio-multi-user-quickstart-guide.html ## NOTE: this will fail if...

### Browser UI

- Search UI: http://localhost:8080/

![Search UI](https://fess.codelibs.org/_images/fess_search_result1.png)

- Admin UI: http://localhost:8080/admin/ (default username/password is admin/admin)

![Admin UI](https://fess.codelibs.org/_images/fess_admin_dashboard.png)

当第三方应用使用用户提供的令牌访问这些*路径操作*时，也会发生同样的情况，取决于用户授予该应用了多少权限。

## 关于第三方集成 { #about-third-party-integrations }

在这个示例中我们使用的是 OAuth2 的“password”流。

当我们登录自己的应用（很可能还有我们自己的前端）时，这是合适的。

因为我们可以信任它来接收 `username` 和 `password`，毕竟我们掌控它。

但如果你在构建一个 OAuth2 应用，让其它应用来连接（也就是说，你在构建等同于 Facebook、Google、GitHub 等的身份验证提供商），你应该使用其它的流。

最常见的是隐式流（implicit flow）。

annotations: securityContext: enabled: false runAsUser: 1000 runAsGroup: 1000 fsGroup: 1000 resources: requests: memory: 128Mi nodeSelector: {} tolerations: [] affinity: {} ## List of users to be created after minio install ## users: ## Username, password and policy to be assigned to the user ## Default policies are [readonly|readwrite|writeonly|consoleAdmin|diagnostics] ## Add new policies as explained here https://docs.min.io/docs/minio-multi-user-quickstart-guide.html ## NOTE: this will fail if...