I’m trying to add authentication to my Spring Boot app, with this tutorial :
I created a “restricted” page, with this rule : http.authorizeRequests() .antMatchers("/home").permitAll() .antMatchers("/restricted").authenticated();
But the restricted page do not go to okta login form. Instead, I have a 403 error (shown by my custom ErrorController)
What version of Spring Boot and the Okta Spring Boot starter are you using? The tutorial you’re referencing uses @EnableOAuth2Sso and uses Spring Boot v2.0.5.RELEASE.
The current version (1.4.0) of our Okta Spring Boot starter works with Spring Boot 2.2+. If you need support for Spring Boot 1.5.x, use version 0.6.
With Spring Boot 2.2, you’ll use Spring Security’s DSL to configure it to login with oauth2Login(). For example:
You don’t need spring-boot-starter-security as the Okta starter includes that. I believe you can remove the other Spring OAuth dependency too. If that doesn’t work, the Spring OAuth dependency probably needs to match your Spring Boot version.