spring-saml-idp-integration
A skeleton application for integration of spring boot application leveraging SAML for SSO
Set up a test okta
Basic setup with Okta IDP.
- Navigate to http://developer.okta.com/
- Click on Sign Up
- Fill in your own name and email address to register, or login if you already have
- Okta will send you a confirmation email, including your temporary password and a link to your new developer Okta instance
- Navigate to the link in the email, and input your email address and the temporary password provided to you
- Fill in the form presented to complete your registration, and click on Create My Account
- You should now have an empty Okta instance with no apps, and only one user.
- Click on < > Developer in the top-left corner and switch to the Classic UI.
Create a test application
- Click on Admin, then Add Applications
- Click on Create New App
- Click Create New App, select your platform (web, native, or SPA) and choose SAML 2.0
- Give your app a name and click Next
- Fill in Single sign on URL with
https://localhost:8443/saml/SSO
- Fill in Audience URI with
https://localhost:8443/saml/metadata
- Your config should look like this
- The rest of the fields can be left as they began, click Next
- Select I'm an Okta customer adding an internal app
- Check This is an internal app that we have created
- Click Finish
- Setup the metadata via url
- Copy and paste the Identity Provider metadata url into the application.yml under
security.saml2.metadata-url
- Copy and paste the Identity Provider metadata url into the application.yml under
- OR setup the metadata via xml
- Click View Setup Instructions
- Copy the xml IDP Metadata from the Optional section into a file in your project:
src/main/resources/saml/metadata.xml
- Set metadataFilePath in SecurityConfiguration to the xml file (i.e.
metadataFilePath("saml/metadata.xml")
Assign the test application
- Return to your Okta home screen and click Admin
- Click Assign Applications
- Select the application you just created, yourself, then click Next
- Click Confirm Assignments
One time application setup
- Generate a keystore and key in
src/main/resources/saml
with passwordsecret
:
keytool -genkey -v -keystore keystore.jks -alias spring -keyalg RSA -keysize 2048 -validity 10000
Running the app
./gradlew clean bootRun
- Navigate to
http://localhost:9090