How to perform authentication via OKTA login page(not application hosted login page) from a Servlet application

My_Okta_DevForum_Acc · November 28, 2020, 8:19pm

Hi,
Our requirement is to perform authentication via OKTA hosted login page.
Our application uses Servlets, i went through the sample servlet example in Github ,but that uses application hosted login page i.e login.jsp.
So can anyone please let me know how to redirect to OKTA login page and authenticate users from an application which uses Servlets.
Thanks in advance…

phi1ipp · November 29, 2020, 4:12pm

It depends on SSO method you wanna use. But from high lev perspective:

check if you have session/auth cookie sent to your servlet
if no -> redirect user to Okta login page (by SAML/OIDC login redirect)
if yes -> proceed with the request
on return from Okta to your special callback/ACS URL, validate user and establish a cookie and redirect him to the page initially requested

Maybe people can suggest anything else…

My_Okta_DevForum_Acc · November 29, 2020, 7:29pm

Hi Philipp,
Thank you for your response.
We are going to use SAML2.0.
Could you please provide the reference of such sample application(if any).

phi1ipp · November 30, 2020, 12:31am

It depends again on the the framework/language. Google for it, Okta has quite few examples of SSO solutions

My_Okta_DevForum_Acc · November 30, 2020, 8:25pm

Hi Philipp,
Thank you again for the response.
We use Oracle ADF framework for our application(Core java will be used as part of it).
Yes i did google for the examples, but found the relevant example( i.e for OKTA hosted login page) for Spring framework based application.
So just wanted to know if there is such example based on Servlets.

phi1ipp · December 1, 2020, 3:13am

I’m sorry, I haven’t seen anything specifically about Oracle ADF. Servlets itself are not that different from Tomcat or any other web-server. ADF though can make it bit painful. I had to deal with it once or twice, so can’t say I have any significant experience with it.

If you go the route, maybe it’s not that awful, at least when you have questions they can be discussed and answered on the forum.

phi1ipp · December 1, 2020, 3:15am

also just got an idea if it’s too challenging, you may want to install a rev-proxy in front of it which will be able to deal with with SAML protection of your ADF application. Might be cheaper, depending on your timeline

My_Okta_DevForum_Acc · December 1, 2020, 2:13pm

No problem Philipp.
Yes, trying to see how SAML can be used from servlets.
And will post the questions as you said.
Thank you …

My_Okta_DevForum_Acc · December 1, 2020, 2:28pm

OK Philipp, thank you for the suggestion.
Will go through it once.

system · January 19, 2024, 12:59am

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.