Bump cherrypy from 18.8.0 to 18.9.0 (#2266)

* Bump cherrypy from 18.8.0 to 18.9.0

Bumps [cherrypy](https://github.com/cherrypy/cherrypy) from 18.8.0 to 18.9.0.
- [Changelog](https://github.com/cherrypy/cherrypy/blob/main/CHANGES.rst)
- [Commits](https://github.com/cherrypy/cherrypy/compare/v18.8.0...v18.9.0)

---
updated-dependencies:
- dependency-name: cherrypy
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update cherrypy==18.9.0

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: JonnyWong16 <9099342+JonnyWong16@users.noreply.github.com>

[skip ci]

lib/win32/Demos/security/sspi/validate_password.py

@@ -0,0 +1,41 @@
+# Demonstrates how to validate a password.
+# See also MSKB article Q180548
+#
+# To use with Kerberos you need to jump through the 'targetspn' hoops.
+
+import sys
+
+import win32security
+from sspi import ClientAuth, ServerAuth
+
+
+def validate(username, password, domain=""):
+    auth_info = username, domain, password
+    ca = ClientAuth("NTLM", auth_info=auth_info)
+    sa = ServerAuth("NTLM")
+
+    data = err = None
+    while err != 0:
+        err, data = ca.authorize(data)
+        err, data = sa.authorize(data)
+    # If we get here without exception, we worked!
+
+
+if __name__ == "__main__":
+    if len(sys.argv) not in [2, 3, 4]:
+        print("Usage: %s username [password [domain]]" % (__file__,))
+        sys.exit(1)
+
+    # password and domain are optional!
+    password = None
+    if len(sys.argv) >= 3:
+        password = sys.argv[2]
+    domain = ""
+    if len(sys.argv) >= 4:
+        domain = sys.argv[3]
+    try:
+        validate(sys.argv[1], password, domain)
+        print("Validated OK")
+    except win32security.error as details:
+        hr, func, msg = details
+        print("Validation failed: %s (%d)" % (msg, hr))