0 Replies Latest reply on Jun 3, 2015 5:36 AM by luis size

    External SSO authentication on Tomcat

    luis size Newbie

      Hello all,


      I am using PicketLink to implement a Service Provider that uses an external Saml Based SSO to authenticate users. I want to protect my web pages like this:


      I am using the employee sample application to do this: https://github.com/picketlink2/picketlink-quickstarts/tree/master/saml/employee

      I managed to get it running on Tomcat, I configured the picketlink.xml to use our company sso and I configured the sso to accept request from myapp.


      Now everything is working but the user still does not access to the myapp web pages (http 403 error) when he is redirected back to the service provider. It means that the user is authenticated but not authorized. I guess that's related to the role ... but the problem is that I don't have the role notion in my sso company


      How can I configure Picketlink or Tomcat to authorize authenticated user to access my webapp pages ?


      Thanks for you help