Yeah, that’s confusing. I will improve that.
> Le 13 janv. 2021 à 12:29, Richard Hierlmeier <rhierlme...@googlemail.com> a > écrit : > > > The only problem is, that this fact is not documented in > https://karaf.apache.org/manual/latest/security. > It is explicitly documented that "group" is a role: > > ... > > _g_\:admingroup = group,admin,manager,viewer,ssh > > ... > > A group defines a set of roles. By default, the admingroup defines group, > > admin, manager, and viewer > > roles. > Thank you. > > Richard > > > >> Am Mi., 13. Jan. 2021 um 11:13 Uhr schrieb Jean-Baptiste Onofre >> <j...@nanthrax.net>: >> Hi, >> >> The first part is a "fake" password for the group (to use the same syntax). >> >> That’s why, by default, in Karaf, we have: >> >> karaf = karaf,_g_:admingroup >> _g_\:admingroup = group,admin,manager,viewer,systembundles,ssh >> >> Group is not really a role, it’s just a tag for group. >> >> For any group roles have to be defined with the following syntax: >> >> _g_\:group=group,role >> >> That’s the current behavior. >> >> If you consider as problematic, I can improve this to "ignore" the "tag >> group role". >> >> Regards >> JB >> >> > Le 13 janv. 2021 à 10:54, Richard Hierlmeier <rhierlme...@googlemail.com> >> > a écrit : >> > >> > >> > In a test installation I had the following etc/users.properties file. >> > >> > karaf= karaf,_g_:admingroup >> > _g_\:admingroup = admin,manager,viewer >> > >> > After a login the user karaf was only in role manager and viewer. >> > I found out that the first role of a group is always ignored. >> > >> > Why is it ignored? >> > >> > >> > >>
