/**
 * Abstract base class for Fess API actions that provides common functionality
 * for API endpoints including authentication, message handling, and access control.
 *
 * This class extends FessBaseAction and provides specialized behavior for API requests,
 * including token-based authentication and JSON response handling.
 */
public abstract class FessApiAction extends FessBaseAction {

    /**
     * Default constructor.

 *
 * ### Server Authentication
 *
 * This is the most common form of TLS authentication: clients verify that servers are trusted and
 * that they own the hostnames that they represent. Server authentication is required.
 *
 * To perform server authentication:
 *
 *  * The server's handshake certificates must have a [held certificate][HeldCertificate] (a

import jakarta.annotation.Resource;

/**
 * Service class for managing file authentication configurations.
 * This service provides operations for retrieving, storing, and deleting
 * file authentication settings used by the Fess search engine.
 */
public class FileAuthenticationService {

    /**
     * Default constructor for file authentication service.
     * Creates a new instance with default values.
     */

 *
 * This class provides Single Sign-On (SSO) authentication using the SPNEGO protocol,
 * which is commonly used for Kerberos-based authentication in Windows environments.
 * It handles the negotiation between client and server to establish a secure
 * authentication context without requiring users to explicitly enter credentials.
 *

        }
        auth = a;
    }

    /**
     * Gets the URL that is requesting authentication.
     * @return the URL requiring authentication
     */
    protected final String getRequestingURL() {
        return url;
    }

    /**
     * Gets the authentication exception that triggered this request.
     * @return the authentication exception
     */
    protected final SmbAuthException getRequestingException() {

import jakarta.validation.constraints.Size;

/**
 * Form class for editing file authentication configurations in the admin interface.
 * This form extends CreateForm to include fields necessary for updating existing file authentication entries,
 * including tracking information for optimistic locking and audit trails.
 * File authentication configurations define access control for file system crawling operations.
 *
 */

     */
    protected CacheEntry referrals = null;

    /**
     * Gets the map of trusted domains for DFS resolution
     * @param auth the authentication credentials
     * @return a map of trusted domain names to domain controllers
     * @throws SmbAuthException if authentication fails
     */
    public HashMap getTrustedDomains(final NtlmPasswordAuthentication auth) throws SmbAuthException {
        if (DISABLED || auth.domain == "?") {

import jcifs.util.Crypto;
import jcifs.util.Hexdump;

/**
 * For initiating NTLM authentication (including NTLMv2). If you want to add NTLMv2 authentication support to something
 * this is what you want to use. See the code for details. Note that JCIFS does not implement the acceptor side of NTLM
 * authentication.
 *
 */
public class NtlmContext implements SSPContext {

    }

    /**
     * Gets the array of supported authentication mechanisms
     * @return the mechanisms array
     */
    public ASN1ObjectIdentifier[] getMechanisms() {
        return this.mechanisms;
    }

    /**
     * Sets the array of supported authentication mechanisms
     * @param mechanisms the mechanisms to set
     */

    * A cookie.
* `http`: standard HTTP authentication systems, including:
    * `bearer`: a header `Authorization` with a value of `Bearer ` plus a token. This is inherited from OAuth2.
    * HTTP Basic authentication.
    * HTTP Digest, etc.
* `oauth2`: all the OAuth2 ways to handle security (called "flows").
    * Several of these flows are appropriate for building an OAuth 2.0 authentication provider (like Google, Facebook, X (Twitter), GitHub, etc):