> On Nov 27, 2023, at 5:02 PM, Veniamin Gvozdikov
> <[email protected]> wrote:
>
> Hello,
>
> I tried to use groups from file
> src/main/java/org/apache/directory/fortress/core/ant/Addgroup.java
>
> * <addgroup>
> * <group name="test001" protocol="test" description="Test Group
> 001" members="guser1,guser2,guser3"
> * properties="key1=value1, key2=val 2, key3='VAL 3'" />
> * </addgroup>
>
> But the script with the snippet returns me.
>
> BUILD FAILED
> InitGroups.xml:34: group doesn't support the "members" attribute
>
> Total time: 1 second
>
The attribute name is wrong have you tried:
```
<addgroup>
<group name="test-group-1”
…
memberswithcsv=“user1,user2,user3”
…
</addgroup>
```
> Could you please explain how groups work? I would like to assign a bunch of
> roles to the group and add accounts to the group.
Groups may have users (as members) or they may have roles, but not both.
The Group of roles concept allows RBAC sessions to be created with a group name
as the principal as opposed to a userId. Think trusted scenarios where the user
was already authenticated elsewhere.
The session may then be used on subsequent RBAC ops.
User groups are not supported in RBAC ops.
Are we missing a key use case?
Thanks
—
Shawn
> --
> Regards,
> Veniamin
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
