There is a method checkPassword to override in Custom Identity Provider which implements ReadOnlyIdentityProvider,
@Override
public boolean checkPassword(String userId, String password) {
…
}
In our case, we use Spring Security OAuth2/SSO to take care of the authentication into Camunda WebApp. Since SSO, user do not need to login with password. For authorization, we get user/group information from external data source. For the customized identity provider, we do not really have user password involved. How to override checkPassword method?
Also Camunda engine runs as Spring Boot Embedded, during workflow, user go through our own web application UI to complete task instead of WebApp tasklikst. Due to SSO, there is no need for user to enter password. Without password, how does Custom Identity Provider work if checkPassword method is necessary?
@aravindhrs, thanks for the response. Your post is about authentication part. We already did the similar thing in Spring Security with OAuth2 and Single Sign On. We have no problem to login to Camunda WebApp with our own authentication provider. My post is talking about the other half, authorization. Since we are not using out of box identity provider or any ldap provider, we seems to have to customize identify provider which implements ReadOnlyIdentityProvider, now my question is how to deal with the method
checkPassword(String userId, String password)
which is supposed to be implemented in our customized identity provider. Since we use OAuth2 and Single Sign On, we do not deal with password directly.