I'm now trying to implement SSO between some web applications. It works fine but there is still one problem. While a user have multiple roles, he will fail to switch to applications that need different roles. Does it mean a user can only be binded to one role after he login?
For example we have three web modules A, B and C. B requires roleB and c requires roleC, and A allows both roleB and roleC. If a user have both roleB and roleC, he can switch from B or C to A, but he cannot switch from B to C. But what I want is make users switch between all of these modules seamlessly.