--- a/src/pyams_security/property.py	Wed May 20 12:31:27 2015 +0200
+++ b/src/pyams_security/property.py	Wed Jun 17 09:59:18 2015 +0200
@@ -18,7 +18,7 @@
 # import interfaces
 from pyams_security.interfaces import IRole, IProtectedObject, IPrincipalInfo, IRoleProtectedObject
 from pyams_security.schema import IRoleField
-from zope.schema.interfaces import IField
+from zope.schema.interfaces import IField, ISet
 
 # import packages
 
@@ -53,12 +53,15 @@
         return protection.get_principals(self.__role_id)
 
     def __set__(self, instance, value):
-        if value is None:
-            value = set()
-        elif isinstance(value, str):
-            value = set(value.split(','))
-        value = set(map(lambda x: x.id if IPrincipalInfo.providedBy(x) else x, value))
         field = self.__field.bind(instance)
+        if ISet.providedBy(field):
+            if value is None:
+                value = set()
+            elif isinstance(value, str):
+                value = set(value.split(','))
+            value = set(map(lambda x: x.id if IPrincipalInfo.providedBy(x) else x, value))
+        else:
+            value = value.id if IPrincipalInfo.providedBy(value) else value
         field.validate(value)
         if field.readonly:
             raise ValueError("Field {0} is readonly!".format(self.__name))
@@ -67,6 +70,8 @@
             raise ValueError("Can't use role properties on object not providing "
                              "IRoleProtectedObject interface!")
         old_principals = protection.get_principals(self.__role_id)
+        if not isinstance(value, set):
+            value = {value}
         added = value - old_principals
         removed = old_principals - value
         for principal_id in added: