- In your case the roles in "x-proxy-roles" are your backend roles.
- You map them in sg_roles_mapping.yml to "seach guard roles" which are defined in sg_roles.yml
- Your authentication backend (authc) should be "noop" and you dont need any authorization backends (authz).
- yes, sg_internal_users.yml is not needed.
- if it is sufficient for you to only map ther user to "search guard" roles (in sg_roles_mapping.yml) then you need to care about backend roles
Can you point to the section in the docs "As stated by the manual this means that the backend roles are not used at all". This is not true.
Hope this helps
> --
> You received this message because you are subscribed to the Google Groups "Search Guard" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to
search-guard...@googlegroups.com.
> To post to this group, send email to
search...@googlegroups.com.
> To view this discussion on the web visit
https://groups.google.com/d/msgid/search-guard/d9cb67c2-1c82-4b70-98df-bbe480e941ff%40googlegroups.com.
> For more options, visit
https://groups.google.com/d/optout.