SOO authentication is a real pain to get working when not using web technologies and especially when different user groups use different underlying auth systems. Here is a really simple solution that I came up with, in case it may help anyone else:
I am using a javafx webview to show wiki documentation within the application.
For each group of users (different customers have different parts of the wiki visible to them) I use a separate read only help user which has the correct permission set via ACL.
When I start the webview I look for 'permission_denied' and then log in with the customer specific help user credentials using java script:
javafx.scene.web.WebView view = new javafx.scene.web.WebView();
view.getEngine().getLoadWorker().stateProperty().addListener((obs,oldValue,newValue)-> {
if( newValue != Worker.State.SUCCEEDED )
return;
if (view.getEngine().getDocument().getElementById("permission_denied")!=null) {
String script = "var form = document.getElementById('dw__login');"+
"if (form!=null) {form.elements['u'].value='"+Config.get("wiki.user")+
"';form.elements['p'].value='"+Config.get("wiki.password")+
"';form.submit()}";
view.getEngine().executeScript(script);
}
});
view.getEngine().load(Config.get("wiki.url"));
Since this is a read only user covering a whole user group this won't work for editing persmissions, but that's fine, it fits my use case well enough.