I managed to get it running on Tomcat. I configured picketlink.xml to use our company SSO, and I configured the SSO to accept requests from myapp.
Now everything is working, but the user still does not have access to the myapp web pages (HTTP 403 error) when he is redirected back to the service provider. It means that the user is authenticated but not authorized. I guess that's related to the role... but the problem is that I don't have the notion of roles in my company SSO.
How can I configure Picketlink or Tomcat to authorize authenticated users to access my webapp pages?