A simple example of using Okta for authentication with Spring Security SAML and Spring Boot.
The application requires that you have JDK 7+ installed on your computer.
Create an Okta developer account if you do not already have one. You will receive an email with instructions for setting up your test identity provider.
Follow the directions under "Configuring Okta to work with Spring Security SAML". The difference is that you will use the following values:
- Single sign on URL: http://localhost:8080/saml/SSO
- Audience URI (SP EntityID): http://localhost:8080/saml/metadata
- Enable Single Logout
- Single Logout URL: http://localhost:8080/saml/SingleLogout
- SP Issuer: http://localhost:8080/saml/metadata
- Signature Certificate: Upload /security/SingleLogout.crt

Enter the Identity Provider metadata from Okta Setup as the value for security.saml.idp.metadata. For example, if the Identity Provider metadata was https://example.okta.com/app/abc0defghijK1lmN23o4/sso/saml/metadata, your file should look like:

# TBD Enter the Identity Provider metadata link from Okta
security.saml.idp.metadata=https://example.okta.com/app/abc0defghijK1lmN23o4/sso/saml/metadata

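
The URLs entered in Okta have to agree exactly with what the service provider publishes in its SAML metadata, so a quick consistency check saves a round of failed logins. The following is an added example, not part of this sample project: `check_sp_metadata` and `OKTA_SETTINGS` are hypothetical names, the metadata document is a constructed sample, and the HTTP-POST binding for the response is an assumption.

```python
import xml.etree.ElementTree as ET

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"
POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"

# Values this README says to enter in the Okta application settings.
OKTA_SETTINGS = {
    "Single sign on URL": "http://localhost:8080/saml/SSO",
    "Audience URI (SP EntityID)": "http://localhost:8080/saml/metadata",
    "Single Logout URL": "http://localhost:8080/saml/SingleLogout",
    "SP Issuer": "http://localhost:8080/saml/metadata",
}

# Constructed sample SP metadata, not captured from the sample application.
SAMPLE_SP_METADATA = f"""\
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="http://localhost:8080/saml/metadata">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:SingleLogoutService Binding="{POST}"
        Location="http://localhost:8080/saml/SingleLogout"/>
    <md:AssertionConsumerService index="0" Binding="{POST}"
        Location="http://localhost:8080/saml/SSO"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""


def check_sp_metadata(xml_text, settings=OKTA_SETTINGS):
    """Return mismatches between SP metadata and the Okta settings."""
    if "<!DOCTYPE" in xml_text:  # metadata needs no DTD; refuse entity tricks
        raise ValueError("DOCTYPE is not allowed in SAML metadata")
    root = ET.fromstring(xml_text)
    sp = root.find(MD + "SPSSODescriptor")
    if root.tag != MD + "EntityDescriptor" or sp is None:
        raise ValueError("expected an EntityDescriptor with an SPSSODescriptor")
    entity_id = root.get("entityID")
    # Assumption: the IdP delivers the SAML response over the HTTP-POST binding.
    acs = {e.get("Location", "") for e in sp.findall(MD + "AssertionConsumerService")
           if e.get("Binding") == POST}
    slo = {e.get("Location", "") for e in sp.findall(MD + "SingleLogoutService")}
    problems = []
    # These are compared as exact strings: scheme, case and trailing slash count.
    for name in ("Audience URI (SP EntityID)", "SP Issuer"):
        if settings[name] != entity_id:
            problems.append(f"{name}: {settings[name]!r} != entityID {entity_id!r}")
    if settings["Single sign on URL"] not in acs:
        problems.append(f"Single sign on URL not among HTTP-POST ACS URLs {sorted(acs)}")
    if settings["Single Logout URL"] not in slo:
        problems.append(f"Single Logout URL not among SLO URLs {sorted(slo)}")
    return problems
```

An empty list means the Okta settings and the metadata agree; each string in a non-empty list names the Okta field to correct.
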
You can now run the sample using:
$ ./mvnw spring-boot:run
$ .\mvnw.cmd spring-boot:run
Once the application starts:
- Visit http://localhost:8080/

You can authenticate with a local account using:
- Username: user
- Password: password
- Press Log in

You should now see the user name displayed.