I am trying to integrate Okta over an existing application which is built on Spring Security Rest Api Oauth2. I have integrated okta with spring boot application successfully but stuck with this application (Spring Security Rest Api Oauth2). The spring boot configuration/steps are not working with spring mvc rest api framework.
Configuration which is used in spring boot application was:
Adding client Id and Client Secret in properties file
#EnableOAuth2Ssso annotation
and a little change in the web security configuration file
Can anybody help me in configuring okta with spring mvc Rest api Oauth2 enabld application?
Following are some good reference projects that I also used when integrating OKTA to an existing spring boot application. Hope it helps:
With XML configuration
With java based annotated configuration
Related
I want the gwt app to call a spring boot rest service with basic authentication which consumes and produces a json object and is deployed on a seperate server from the gwt app.
Any hints on how this can be done ?
There is a library called restygwt to easily define REST calls. I think there is an easy way to set the 'Basic' header.
i want to know is there any way to use spring cloud config client without spring boot in a spring web application.
i want to use spring cloud config with #Value annotation and i don't like to use spring cloud server rest api in my web application
i have tried what developers said in Spring Cloud Config Client Without Spring Boot link but it didn't work
Yes it's possible. You will have to add spring boot but don't have to really use it (we had it working in a non-springboot app). Check this code here https://github.com/4finance/micro-infra-spring/tree/master/micro-infra-spring-config . You don't need a config server then to use the properties. I don't have a code snippet for that but you would have to create manually a spring boot context in your just to make this work. Also check this answer - Spring Cloud Config Client Without Spring Boot . Even if you will make it work it doesn't mean that the ordering will be proper.
The suggested solution then is to actually use Spring Boot :)
I provided an answer here : Spring Cloud Config Client Without Spring Boot that can help you. It's a working prototype to load property sources from Zookeeper using Spring Cloud Config Zookeeper in a webapplication without Spring Boot.
I have developed a Rest API using Jersey for my Java application and also implemented basic authentication. Is it possible to authenticate a user from the database instead of authenticating them through the Web.xml file?
We currently have JBOSS EAP 5.1 and a Spring web application (Spring+JSF+Spring Web Flow) working with Spring Security.
We are looking to implement single sign-on in windows env and see that it is achievable with JBOSS + SPNEGO. If I do that, would my code be redundant with Spring Security?
Are there any additional advantages If I use spring security?
we have a web application(Say wA) developed in java and we need to provide SSO login from client web application(Say WB) to WA and the requirement is to do with Okta-(SAML 2.0).
Currently im having the Idp mnetadatak, IDP Single Sign-On URL and Identity Provider Issuer link created from okta
Anybody please help me on this issue , what things to do in my application side to provide SSO login felicity. how to listen SSO request from my APP (WA).
Thanks and regards
In case you would like to add SAML support directly into your application (as opposed to including it for example in reverse proxy such as Apache or IIS), you can use either Spring SAML (with minimal Spring configuration in case you don't use Spring Security already) or OpenAM's Fedlet.
Spring SAML enables applications to act as a SAML 2.0 Service Provider by initializing web single sign-on towards IDP (Okta) and accepting and validating response (SAML 2.0 Assertion) sent back from Okta.
Good approach to implement Spring SAML is to start with the quick start guide which helps you create SAML 2.0 integration with a public SAML 2.0 Identity Provider, then change the IDP to Okta and then integrate the result into your application.
It is also possible to build SAML 2.0 support from scratch (using OpenSAML library), but significant knowledge of the protocol is needed for it to be done securely.
Some application servers also include SAML support (WebLogic, WebSphere, JBoss with its PicketLink library), but such configuration is of course not portable.