final String[] roles = values[1].split(roleSeparator);
                for (final String role : roles) {
                    if (StringUtil.isNotEmpty(role)) {
                        roleSet.add(role);
                    }
                }
            }
        } else {
            final String[] roles = rolesStr.split(roleSeparator);
            for (final String role : roles) {

                logger.warn("Failed to access groups/roles: {}", contentMap);
            }
        } catch (final IOException e) {
            logger.warn("Failed to access groups/roles in Entra ID.", e);
        }
    }

    /**
     * Adds a group or role name to the specified list.
     * @param list The list to add the group or role name to.
     * @param value The group or role name value.

     * @param roles array of roles to filter results
     * @param fields array of fields to search in
     * @param excludes array of words to exclude from results
     * @return list of popular words matching the criteria
     */
    public List<String> getWordList(final SearchRequestType searchRequestType, final String seed, final String[] tags, final String[] roles,

authentication.admin.users=admin
# Admin role names for authentication.
authentication.admin.roles=admin

# Default permissions for search roles.
role.search.default.permissions=
# Default display permissions for search roles.
role.search.default.display.permissions={role}guest
# Guest permissions for search roles.
role.search.guest.permissions={role}guest

# Prefix for user roles in search.

    }

    /**
     * Processes sub-roles for the specified LDAP user.
     *
     * @param ldapUser the LDAP user to process sub-roles for
     * @param bindDn the bind DN for LDAP connection
     * @param subRoleSet the set of sub-roles to process
     * @param groupFilter the group filter pattern
     * @param roleSet the set of roles to update
     */

            this.groups = groups;
        }

        /**
         * Sets the user's role assignments.
         * @param roles Array of role names.
         */
        public synchronized void setRoles(final String[] roles) {
            this.roles = roles;
        }

        /**
         * Resets permissions to force recalculation on next getPermissions() call.

                if (fessConfig.isValidSearchLogPermissions(roles.toArray(new String[roles.size()]))) {
                    suggester.indexer()
                            .indexFromSearchWord(sb.toString(), fields.toArray(new String[fields.size()]),
                                    tags.toArray(new String[tags.size()]), roles.toArray(new String[roles.size()]), 1, langs);

If you want to secure your API, there are several better things you can do, for example:

* Make sure you have well defined Pydantic models for your request bodies and responses.
* Configure any required permissions and roles using dependencies.
* Never store plaintext passwords, only password hashes.
* Implement and use well-known cryptographic tools, like pwdlib and JWT tokens, etc.
* Add more granular permission controls with OAuth2 scopes where needed.

                throw new WebApiException(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e);
            }
        }
    }

    /**
     * Sets the roles that are allowed to access the search engine API.
     *
     * @param acceptedRoles array of role names that can access the API
     */
    public void setAcceptedRoles(final String[] acceptedRoles) {
        this.acceptedRoles = acceptedRoles;
    }

    /**

 * </pre>
 *
 * <h2>Optional Configuration</h2>
 * <pre>
 * # User attribute mapping
 * saml.attribute.group.name=groups
 * saml.attribute.role.name=roles
 *
 * # Default groups/roles for authenticated users
 * saml.default.groups=user
 * saml.default.roles=user
 * </pre>
 *
 * <h2>Security Settings (Production)</h2>
 * <p>For production environments, consider enabling these security features:</p>
 * <pre>