Hello, Sorry once more :(
I would like to use Syncope in my app (using Spring Security) for user authentication and authorisation. I would like to know if mapping GrantedAuthority to Syncope's role is the way to go ?I'm a bit lost, since there's also the notion of entitlements and groups. In fact, when I look into syncope's code, I see : @PreAuthorize("hasRole('" + StandardEntitlement.ROLE_CREATE + "')") public RoleTO create(final RoleTO roleTO) { So I would say I should use entitlements and not roles.But entitlement appears to be fixed (in StandardEntitlement class) and for syncope 'internal' use [1] and [2] (aka checking if user has right to perform an action on syncope - and not checking if user has right to peform action on whatever application). Thanks,Adrian P.S. Using Syncope 2.0.0-M2 [1] http://syncope-user.1051894.n5.nabble.com/Entitlements-how-do-we-create-change-these-tp5707009p5707010.html<quote>entitlements are not meant to be extended: their primary purpose is to define security constraints on RESTful methods.</quote> [2] https://cwiki.apache.org/confluence/display/SYNCOPE/Authentication+and+authorization