Da wir eine relative URL verwenden, würde sich das, wenn sich Ihre API unter `https://example.com/` befindet, auf `https://example.com/token` beziehen. Wenn sich Ihre API jedoch unter `https://example.com/api/v1/` befände, würde es sich auf `https://example.com/api/v1/token` beziehen.

      } catch (ClassNotFoundException runningUnderAndroidOrJava8) {
        /*
         * I'm not sure that we could actually get here for *Android*: I would expect us to enter
         * the POSIX code path instead. And if we tried this code path, we'd have trouble unless we
         * were running under a new enough version of Android to support NIO.
         *

But in this case, the same **FastAPI** application will handle the API and the authentication.

So, let's review it from that simplified point of view:

* The user types the `username` and `password` in the frontend, and hits `Enter`.
* The frontend (running in the user's browser) sends that `username` and `password` to a specific URL in our API (declared with `tokenUrl="token"`).

        InternalSession iSession = defaultSessionFactory.newSession(mSession);
        mSession.setSession(iSession);

        SessionScope sessionScope = getContainer().lookup(SessionScope.class);
        sessionScope.enter();
        sessionScope.seed(MavenSession.class, mSession);
        sessionScope.seed(Session.class, iSession);
        sessionScope.seed(InternalMavenSession.class, InternalMavenSession.from(iSession));
    }

Mas nesse caso, a mesma aplicação **FastAPI** irá lidar com a API e a autenticação.

Então, vamos rever de um ponto de vista simplificado:

* O usuário digita o `username` e a `senha` no frontend e aperta `Enter`.
* O frontend (rodando no browser do usuário) manda o `username` e a `senha` para uma URL específica na sua API (declarada com `tokenUrl="token"`).

O = MyOrg
OU = MyOU
CN = MyServerName

[v3_req]
subjectAltName = @alt_names

[alt_names]
IP.1 = 127.0.0.1
DNS.1 = localhost
```

Run `openssl` by specifying the configuration file and enter a passphrase if prompted:

```sh
openssl req -new -x509 -nodes -days 730 -keyout private.key -out public.crt -config openssl.conf
```

### 3.3 Use GnuTLS (for Windows) to Generate a Certificate

Pero en este caso, la misma aplicación de **FastAPI** manejará la API y la autenticación.

Así que, revisémoslo desde ese punto de vista simplificado:

* El usuario escribe el `username` y `password` en el frontend, y presiona `Enter`.
* El frontend (ejecutándose en el navegador del usuario) envía ese `username` y `password` a una URL específica en nuestra API (declarada con `tokenUrl="token"`).

Но в нашем случае одно и то же приложение **FastAPI** будет работать с API и аутентификацией.

Итак, рассмотрим его с этой упрощенной точки зрения:

* Пользователь вводит на фронтенде `имя пользователя` и `пароль` и нажимает `Enter`.
* Фронтенд (работающий в браузере пользователя) отправляет эти `имя пользователя` и `пароль` на определенный URL в нашем API (объявленный с помощью параметра `tokenUrl="token"`).

 * which is commonly used for Kerberos-based authentication in Windows environments.
 * It handles the negotiation between client and server to establish a secure
 * authentication context without requiring users to explicitly enter credentials.
 *
 * The authenticator supports various configuration options including delegation,
 * basic authentication fallback, and localhost authentication bypass.
 */

 *   <li>isImplicit: Whether to use implicit SSL/TLS encryption.</li>
 *   <li>trustManager: The trust manager to use for SSL/TLS connections ("all", "valid", or "none").</li>
 *   <li>enterLocalPassiveMode: Whether to enter local passive mode.</li>
 *   <li>ftpAuthentications: An array of {@link FtpAuthentication} objects for different FTP URLs.</li>
 * </ul>
 *
 * <p>