You will need to write an Identity Store implementation. The following code is an example of using one for LDAP (Active Directory). https://gist.github.com/gratiartis/4545962 I wrote that for 5.3. I *think* that means it should be okay for 5.2, but I don't really know. I don't think that there is support for passing the user roles into Guvnor - the fine-grained roles (read only, admin, etc) in Guvnor need to be defined within Guvnor against user names which match those in your LDAP. i.e. Your LDAP checks will just be identifying whether the username and password are correct and that they have a role with permission to access Guvnor. Steve On 4 Oct 2013, at 05:49, san_hegde <santhosh.hegde(a)hp.com&gt; wrote: