I’m currently evaluating OpenAM as a Single-Sign-On server to use together with Camunda. I found a post on the Google forum about SSO, but am not able to get it to work. I changed the web.xml file as described in web.xml. I used the AuthenticationFilter described in AuthFilter.
The current state of my solution is the following. When I go to the camunda web app I get redirected to the OpenAM portal. I can login, get redirected again (on successful login) back to the camunda web app. So far so good, but then Camunda returns a 403 Forbidden for the (should be authenticated) request.
By experimenting a bit, I think I narrowed my issue down to the AuthenticationFilter class. I tried to add the gist (referenced in the aforementioned forum post) as a library in the server, but failed to get it to work.
Does anyone have any additional information about how to do SSO in Camunda or even about the OpenAM solution? Is there any additional documentation available, besides the forum post, to set up SSO on Camunda BPM? Are there any suggestions to which SSO software to use?
Thank you in advance.