# HTTP Basic 認証 { #http-basic-auth }

最もシンプルなケースでは、HTTP Basic 認証を利用できます。

HTTP Basic 認証では、アプリケーションはユーザー名とパスワードを含むヘッダーを期待します。

それを受け取れない場合、HTTP 401 "Unauthorized" エラーを返します。

そして、値が `Basic` のヘッダー `WWW-Authenticate` を、任意の `realm` パラメータとともに返します。

これにより、ブラウザは組み込みのユーザー名とパスワード入力プロンプトを表示します。

その後、そのユーザー名とパスワードを入力すると、ブラウザはそれらをヘッダーに自動的に付与して送信します。

## シンプルな HTTP Basic 認証 { #simple-http-basic-auth }

		Prefix: r.Form.Get("pattern"),
	})
	if err != nil {
		writeErrorResponseJSON(ctx, w, toAdminAPIErr(ctx, err), r.URL)
		return
	}

	// Get the cred and owner for checking authz below.
	cred, owner, s3Err := validateAdminSignature(ctx, r, "")
	if s3Err != ErrNone {
		writeErrorResponseJSON(ctx, w, errorCodes.ToAPIErr(s3Err), r.URL)
		return
	}

KEY:
policy_plugin  enable Access Management Plugin for policy enforcement

ARGS:
MINIO_POLICY_PLUGIN_URL*          (url)       plugin hook endpoint (HTTP(S)) e.g. "http://localhost:8181/v1/data/httpapi/authz/allow"
MINIO_POLICY_PLUGIN_AUTH_TOKEN    (string)    authorization header for plugin hook endpoint
MINIO_POLICY_PLUGIN_ENABLE_HTTP2  (bool)      Enable experimental HTTP2 support to connect to plugin service (default: 'off')

        Kerb5Authenticator auth = new Kerb5Authenticator(subj, "DOM", "user", "pass");
        auth.setUser("alice");
        auth.setRealm("EXAMPLE.COM");
        auth.setService("cifs");
        auth.setUserLifeTime(123);
        auth.setLifeTime(456);
        auth.setForceFallback(true);

        Kerb5Authenticator cloned = auth.clone();

        assertNotSame(auth, cloned);

        JAASAuthenticator auth = spy(new JAASAuthenticator());
        // Avoid real JAAS by stubbing getSubject
        doReturn(new Subject()).when(auth).getSubject();

        // Act
        CredentialsInternal result = auth.renew();

        // Assert interaction and return value
        assertSame(auth, result);
        verify(auth, times(1)).getSubject();
    }

        @Override
        public HashMap getTrustedDomains(NtlmPasswordAuthentication auth) throws SmbAuthException {
            if (disabled || auth.domain == "?")
                return null;
            return super.getTrustedDomains(auth);
        }

        @Override
        public SmbTransport getDc(String domain, NtlmPasswordAuthentication auth) throws SmbAuthException {
            if (disabled)
                return null;

            }
        }
        t = new SmbTree(this, share, service);
        trees.addElement(t);
        return t;
    }

    boolean matches(final NtlmPasswordAuthentication auth) {
        return this.auth == auth || this.auth.equals(auth);
    }

    synchronized SmbTransport transport() {
        if (transport == null) {
            transport = SmbTransport.getSmbTransport(address, port, localAddr, localPort, null);

                this.auth.isGuest() ? null : this.auth.getUserDomain(),
                this.auth.isGuest() ? this.transportContext.getConfig().getGuestUsername() : this.auth.getUsername(), this.workstation,
                this.ntlmsspFlags, this.auth.isGuest() || !this.auth.isAnonymous());
    }

    /**

    /**
     * Test parsing with an unknown auth type.
     * Expects an empty list of authorizations.
     * @throws PACDecodingException should not be thrown
     */
    @Test
    void testParseUnknownAuthType() throws PACDecodingException {
        // GIVEN an unknown auth type
        int unknownAuthType = -1;
        byte[] emptyToken = new byte[0];

        // WHEN parsing the auth data

    /**
     * Gets the map of trusted domains for DFS resolution
     * @param auth the authentication credentials
     * @return a map of trusted domain names to domain controllers
     * @throws SmbAuthException if authentication fails
     */
    public HashMap getTrustedDomains(final NtlmPasswordAuthentication auth) throws SmbAuthException {
        if (DISABLED || auth.domain == "?") {
            return null;
        }