Single Sign-On with Spring Boot & Okta | OAuth 2.0 | Java Techie
Вставка
- Опубліковано 16 жов 2024
- This video explain you How to Add Single Sign-On to Your Spring Boot Web Application using okta & OAuth 2.0
#javatechie #SpringBoot #Security #Okta_SSO #OAuth 2.0
GitHub:
github.com/Jav...
Blogs:
javagyanmantra...
Facebook:
/ 919464521471923
Music: City_of_Jewels
guys if you like this video please do subscribe now and press the bell icon to not miss any update from Java Techie
Disclaimer/Policy:
--------------------------------
Note : All uploaded content in this channel is mine and its not copied from any community , you are free to use source code from above mentioned GitHub account
Hi Basant sir, in this implantation what method of SSO is basically used, is it SAML? or OpenIDConnect? how do we know?
have you had more detailed video on this topic?
Thanks for the video. Just an update, as of to-date, the application type needs to be selected as OAuth Service to get Client ID & Secret. Selecting type as Web with SWA or SAML or OpenID wouldn't give you client ID/Secret.
Thanks for update
Thanks Basant for great knowledge.
SSO basically works for different applications access without asking login so in this video multiple applications are not there, and you have created only one application and triggered the same endpoint multiple times, bit confusing...
The moral here is to delegate the auth request to a 3rd party provider so for demo purposes I have created a single app but you can create multiple apps and test it.
@@Javatechie so we need to add new app in okta, okay I'll try
But the requirement can be opposite.Why would you login the user to youtube? It should happen only when I click on login button on UA-cam.I logged into gmail because i want to check my email but i don't want to login to youtube or map?
Super Sir...Sir please upload small spring boot project with all implementation likw spring security,thymeleaf,etc
My query - here you are using Okta server for authentication but in real time project where there is no Okta OR any other system then do we need to build it own first before implementing SSO ? I mean what happens in real time project basically. Which items/components will be provided by client OR what we should ask from client. can you please put some light on these basic queries.
Latest version of Spring Boot is 2.4.1 and video is on 2.1.4.
Any reason why it doesnt work on latest version of Boot and Okta?
Your video is just 1 year old.
Okta url for new app too has changed
Okta dependency is not available in spring boot 3.3.0. What’s the alternative
Not sure will check and update you
The values you have stated in application.property file about okta server ....where have they been used in application ?
those are for configuration only and won't be used explicitly in your code, they're managed automatically by spring boot and okta dependency, for example you tell tomcat to use 9090 as the server port
Great post. I was looking for a simple application and I got it ❤
How it will work for multiple user logins with different username and password
Nice Explanation.
My requirement is below
1. Enable okta MFA for certain users.
2. Can we switch to okta MFA conditionally based on a flag check from Principal
3. If we dont have spring boot but just spring how can this be done.
Thank you
MFA I am not aware about this let me check
@@Javatechie Thank you awaiting your reply.
Thank you so much for this valuable tutorial..you are awesome 👏👏👏
I am getting SSLHandshakeException, PKIX path building failed while running the program, please help
It's not working and throwing error.. I am using springboot 2.3.8 and okta 0.6.0...can you make an updated tutorial on it...or just help with the new updated
Amit check in okta official side , you can raise an incident their for version conflict
Hi Sir , Can you please show or reply to me how to generate this token when third party is accessing my api , how they will pass user and password information in the header or how they will pass this token
while creating okta account its asked me the business mail only So I created with my company mail id ,now I have fear like will it charge money after 30 days, please help me on this and if it will charge how to delete account
No they won't charge don't worry . And it's not good practice to create trial account with company mail id
@@Javatechie but its not accepting my personal mail id
i have three microservices and for front ent i have angular application, then i want to login with my own database by using jwt, then how i can use single sign own feature, that is when user gets once logged in then it can access all the three microservices api by using that jwt token.
Then why you are expecting SSO here ?
@@Javatechie then i need to authenticate for every microservices or is there any way, please suggest?
Yes each request need to authenticate
If you want to exclude any path then specify antMatchers
Sir I am getting this error org.springframework.security.oauth2.client.resource.UserRedirectRequiredException: A redirect is required to get the users approval can you help me?
Sowmya can you import my code and only change your secret key info
Really love the range of topics you cover. May i request you for a video using SpringSecurity with SAML2 and PingFederate. The call shall originate from ReactJs app and ilredirected to pingFederate via Spring Security. I need to use Java 8
I will try this from backend
Can ther be latest video on okta after spring boot 3.xx
I haven't tried it in recent time
Hi sir I don't have the "Cloud OAuth2" starter, how can I find it ? Thanks
i cant able to login to okta console through rest end point showing unable to sign in ,please reply
Thank you Sir for explaining this
how we can integrate active directory in okta
Didn't get you active directory ?
Great explnation sir. Can you please let me know sir how to test this in postman
On implementing this getting below exception
org.springframework.security.oauth2.client.resource.UserRedirectRequiredException
Can you please let me know what I am missing?
any solution for this?
How to get the access token here.. If I have more API and I want to test them from postman how can I get the access token.
Thanks for the nice demonstration. What should I do if I want to remove the dependency of okta and the whole SSO to be controlled by my own app ?
You can go for spring saml api
Hi, I tried to follow all the steps as shown in the tutorial. However, in my case I'm getting multiple redirect error when I try get to localhost:9090 page...can you please help?
Did you configure localhost:9090 as redirect URL while configure in okta
@@Javatechie I configured localhost:9090/login as redirect URI in OKTA
@@subhajitdey868 can you share error message with screenshot to javatechie4u@gmail.com
@@Javatechie solved the issue, it was with application.properties file...it should be clientid not client-id and clientsecret not client-secret
@@Javatechie yes i did but i got same error ........ can you help?
Can you show me how to done sso for j2ee applications (servlets ans jsp ) with okta saml authentication.....
Hi @javatechie, I am getting this issue "org.springframework.security.oauth2.client.resource.UserRedirectRequiredException: A redirect is required to get the users approval", I have clear the cookies and cache but the issue still persist. Please help me on this.
Please verify your secret key once
I'm facing the same issue. I have a feeling it might be due to versioning problems. I'm using Java 11
Hi #MOHIT SHARMA
You try download source of Java Techie "github.com/Java-Techie-jt/spring-boot-okta-sso" and replace "okta.oauth2.issuer" , "okta.oauth2.clientId" , "clientSecret" for you on okta, and run try again.I have tested and succeeded!
good luck for you!
Worked for me after replacing okta.oauth2.client-id to okta.oauth2.clientId
and okta.oauth2.client-secret to okta.oauth2.clientSecret
Good video sir @javatechie do you have video for several user login in for application
I tried for single user
@@Javatechie can you suggest any idea for several user or any referrence
You can checkout in okta documentation it self
Hi Sir, Do we have a provision to disable or enable SSO?
Please make a video on Spring Security with SAML SSO example.
Sir please explain about saml sp initated sso and use pure saml only without third party api i am facing issue in that
awesome content bro
Sir can you please explain saml implemention without using okta
Great video Sir 👍 we would love to see Spring+keyclock
DO we have different client-Id and client-secret for each Okta user?
Yes
@@Javatechie In that case do we need to add all those values in the spring property file? How to manage them?
Can i do it with Ping Id insted of Okta?
Thanks bro...Simple way of explanation.
Awesome video sr keep posting excellent videos likes this one
What if other users want to sign in to our application, how to configure it for multiple user login???
There is a option in okta console to create a group and we can assign user who can access your application .
Stoped working for okta-spring-boot-starter > 0.6.1
true.
i am getting below error-
Description: The 'redirect_uri' parameter must be an absolute URI that is whitelisted in the client app settings.
You are my friend. Woow nice approach
I'm waiting for this video
how to do this with azure sso
Nice Explanation
Great video but I got bad credentials can please help thanks
Can you please implement oauth2 grant types in spring cloud api gateway
Good one.
Okta is 30 days evaluation and now needs company credentials with lot of approval emails
superb
You are just typing but not explaining. Example, what is the use of the annotation @EnableOAuth2Sso ?
Simply this annotation will enable oauth specific default config in code . That's the reason when you kick start your application it directly redirect to SSO login page .
@@Javatechie Thank you. And what is the use of http.csrf.disable() ?
@@kumarmanish9046 please go through below tutorial to understand why csrf with realtime example www.javainuse.com/spring/boot_security_csrf#:~:text=But%20till%20now%20in%20all,which%20they%20are%20currently%20authenticated.
@@Javatechie Thanks for replying! I understand the CSRF concepts but for this tutorial specifically, what is the use of disabling csrf?
@@kumarmanish9046 usually we disable it in real-time to avoid malicious attack
Eventhough it is one Hello world application 🙂
great sir
How to logout??
You can create a config class extends it from WebSecurityConfigureAdapter then specify your logout URL .
Also you can check in okta config there should have some option to configure logout URL
@@Javatechie I have followed the same steps and I am getting
"org.springframework.security.oauth2.client.resource.UserRedirectRequiredException"A redirect is required to get the users approval"
Check is there any firewall restriction on your machine if yes please disable it
Expecting spring+keycloak SSO
I need to check hemanth , definitely will update
okta.oauth2.clientId
okta.oauth2.clientSecret ,need to change like this. it will work
It may be due to the New version 😌
want to call this endpoint through postman.
Not sure about this need to check
How to logout sir...
Using code you are asking ?
Once you stop your server automatically you will logged out from okta server .
@@Javatechie thanq for reply...
Yes using code
@@arunbandari8936 let me check
@@Javatechie how to logout using code