When using the Okta hosted login page the user experience works better vs the custom login page when there are multiple backend applications servers.
With custom login page, the user has to re-login if directed to a different server than the one they logged in at
Working correctly with Okta hosted login:
using this project https://github.com/okta/samples-java-spring/tree/master/okta-hosted-login
- After setting up yaml file with correct settings, start the application
- Open new Incognito window
- go to localhost:8080/profile, this is a secure page so you’re redirected to Okta to login
- login and you get the profile page.
- simulate user going to another backend server by shutting down the application and restarting it
- refresh the profile page in the web browser.
- the profile page displays normally
If you kill your internet connection after step 5 and you refresh the browser you’ll see that it makes a call to Okta because the local app doesn’t have the information from the user cookie to determine if this browser session is logged in, or at least that’s my simplified understanding of it.
With the Okta hosted login page, the user is not shown the login page again, the profile page just displays normally.
With the custom login page from this sample
Everything is the same as above but after you refresh your browser (step 6) the user is redirected to the custom login page.
Seems to me that if you use a custom login page in a production application and you have multiple backend servers, the users will be required to login every time they hit a new server.
Is there a workaround for this? I’d like to be able to use a custom login page