The application I have developed provides custom dashboard, custom task list for user to to work and complete the task and other features.
Now I want to apply security to the application. We have SSO requirement that will be applied. There are custom roles that are required for the user. Where/how can I specify the custom roles when provisioning the user in cockpit?
I plan to use spring security framework to control authorizations on the pages in the app. how can I map any custom roles (if I can define them in cockpit) to spring security?
Yes you are right. I figured it out after posting that Groups can be used as my custom roles.
How can I map the SSO user with the Groups?
I plan to use spring security through which I can extract the siteminder user and then I make a second check against the User/groups configured in camunda. Is this the right approach?
SSO User-> filter1 (to extract the SM user)->Filter2 (to check the user authorization f using Camunda API/Authprovider) - > give/deny access. Does this look right?