I have two applications, both with a frontend and backend and separate db’s.
Application A has the backend and frontend secured with db RBAC.
Application B has the backend only secured with db RBAC, the frontend is currently open to all.
How can I setup the frontend of Application B to require that a user already be logged in to Application A and that the user has the correct role to have permissions to see the frontend of Application B? If they do not then I want to display a generic “you do not have permissions to view this resource” type of message, if they do then I want the login form to redirect to Application B’s frontend until the session expires.
The code for this needs to be able to be easily removed or changed so that I can move Application B to a production environment where Application A will not exist.