LabelType labelType2 = new LabelType();
        labelType2.setName("Test Label 2");
        labelType2.setValue("test2");
        labelType2.setPermissions(new String[] { "role1", "role2" });
        labelType2.setVirtualHost("example.com");
        // Locale is derived from value, not set directly
        labelType2.setIncludedPaths("/admin.*");
        labelType2.setExcludedPaths("");

                logger.warn("Failed to access groups/roles: {}", contentMap);
            }
        } catch (final IOException e) {
            logger.warn("Failed to access groups/roles in Entra ID.", e);
        }
    }

    /**
     * Adds a group or role name to the specified list.
     * @param list The list to add the group or role name to.
     * @param value The group or role name value.

/**
 * Exception thrown when user role authentication fails during login attempts.
 * This exception is used to indicate that a user does not have the required role
 * to access a specific action or resource.
 *
 */
public class UserRoleLoginException extends RuntimeException {

    private static final long serialVersionUID = 1L;

    /** The action class that requires specific user roles */

        BoolQueryBuilder boolQuery = QueryBuilders.boolQuery();
        Set<String> roles = Set.of("role1", "role2");

        queryHelper.buildRoleQuery(roles, boolQuery);

        String queryString = boolQuery.toString();
        assertTrue(queryString.contains("role1"));
        assertTrue(queryString.contains("role2"));
        assertTrue(queryString.contains("filter"));
    }

    @Test

#### Adding 'admin' Role

- Go to Roles
  - Add new Role `admin` with Description `${role_admin}`.
  - Add this Role into compositive role named `default-roles-{realm}` - `{realm}` should be replaced with whatever realm you created from `prerequisites` section. This role is automatically trusted in the 'Service Accounts' tab.

- Check that `account` client_id has the role 'admin' assigned in the "Service Account Roles" tab.

Harshavardhana <******@****.***> 1723857894 -0700

    /**
     * Redirects an authenticated user to the appropriate admin interface based on their roles.
     * Users with admin roles are redirected to the dashboard, while other users are redirected
     * to their designated admin action class or to the root if no specific action is available.
     *
     * @param user the authenticated user bean containing role information
     * @return HTML response redirecting to the appropriate admin interface
     */

		}

		// Check if claim name is the non-default value and role policy is set.
		if p.ClaimName != policy.PolicyName && p.RolePolicy != "" {
			// In the unlikely event that the user specifies
			// `policy.PolicyName` as the claim name explicitly and sets
			// a role policy, this check is thwarted, but we will be using
			// the role policy anyway.

        final CreateForm form = new CreateForm();
        form.roles = new String[] { "admin", "user" };
        form.groups = new String[] { "group1", "group2" };

        assertNotNull(form.roles);
        assertEquals(2, form.roles.length);
        assertEquals("admin", form.roles[0]);
        assertEquals("user", form.roles[1]);

        assertNotNull(form.groups);
        assertEquals(2, form.groups.length);

    /**
     * Checks if the current user has the specified action role or administrative privileges.
     *
     * @param role the role to check (supports both view and edit variants)
     * @return true if the user has the role or admin privileges, false otherwise
     */
    public static boolean hasActionRole(final String role) {
        final String[] roles;
        if (role.endsWith(FessAdminAction.VIEW)) {