Spring Security plugin for camunda-run distribution

Hi All,
I have created a custom spring boot project and integrated saml2 based okta integration with it and works fine locally. Now I want to create it as plugin to camunda-run distribution so I followed the excellent instructions in below guide from @rob2universe and

  1. I added a spring.factories inside META-INF to make the jar scannable and also added org.springframework.boot.loader.PropertiesLauncherentry to MANIFEST.MF
  1. Exported the project to a jar file using command
    maven clean package

  2. Added this Jar to the class path of Camunda-run, it gets detected by spring framework but fails due to missing dependencies in camunda-run classpath for following pom dependencies

    <dependency>
      <groupId>org.springframework.security</groupId>
      <artifactId>spring-security-saml2-service-provider</artifactId>
    </dependency>
    <dependency>
      <groupId>org.springframework.boot</groupId>
      <artifactId>spring-boot-starter-security</artifactId>
    </dependency>

How do I now make these dependencies as part of my custom plugin jar during export? I tried exporting all the dependences using maven-assembly plugin to my plugin jar but it also fails.

Workaround : I cloned camunda-run source code and added these dependencies to camaunda-run - core pom file and build it again from scratch. This time it works perfectly fine.

I don’t want to use above method as I want to use plugin architecture rather then building camunda-run again. Please suggest.
If I am able to make it work , I am planning to donate this to camunda community .

You can place additional jar into the userlib folder (Camunda Platform Run | docs.camunda.org), However, this won’t work for a complete Spring Security starter. There is more to be loaded during application bootstrap in this case. I am not aware of a way to add Spring Security to the RUN distribution. If you need Spring security, then you best switch to a Spring Boot build e.g. using https://start.camunda.com/

Hi @rob2universe Robert ,
I have realized this after spending 2 days that it is very tough to activate spring security inside camunda-run via plugin. For now I am proceeding with following solutions

  1. Custom spring-boot based solution
  2. Recompiled camunda-run with spring security and saml2 dependencies + custom sso plugin i created inside a spring-boot project

Thanks a lot