We have a webdynpro that was developed and forces a user to log in w/their UME credentials. I've been trying to find out where/how to implement specific security to the app (as in, which roles/groups can access it). In the security provider of the admin tool, i don't even see the app listed under the components, if that's even the right place to look.
Basically we want to create a UME role (which we've done) to assign it to this app, and then we'll assign a user group to the role. As of now, pretty much anyone with an account on this instance can access the app.