Daddy Pumpkin

Reputation: 484

OKTA SSO SAML Response

Trying to set up SSO for a Java web application built with Spring MVC. I've registered my application with an OKTA server and got a Metadata URL and a SignOn URL. I'm using the SignOn URL from my application and authenticating successfully; then a POST request is made with some form data that includes a SAML Response object.

What should be the next step from here? I've decoded the SAML response, and now from my understanding I need to get a token or a session ID that I'll need to use for my further requests to the OKTA server.

Edit 1: Ran the spring-boot-saml-example, and the authentication works as expected. But when trying to get the current session using the OKTA Session API from the Spring application, an HTTP 404 code is returned. Fetching the current session using the browser works fine.

Upvotes: 0

Views: 2124

Answers (2)

jleleu

Reputation: 2699

You can use the spring-webmvc-pac4j security library, which provides SAML authentication for Spring MVC (Boot) apps.

Configuration is straightforward for Okta, like for any other SAML identity provider: https://github.com/pac4j/spring-webmvc-pac4j-demo/blob/master/src/main/webapp/WEB-INF/demo-servlet.xml#L44 + https://github.com/pac4j/spring-webmvc-pac4j-demo/blob/master/src/main/webapp/WEB-INF/demo-servlet.xml#L214

Upvotes: 0

Brian Demers

Reputation: 2080

Take a look at this blog post; this example uses Spring Security and an Okta SAML app. Take a look at that, and if that doesn't help, let us know.

Upvotes: 0
