Spring mvc or plain java/tomcat webapp integration



I see several questions from people looking for documentation on integrating okta sso with spring mvc or plain java webapp with servlets, but I’m not finding any useful answers. Many people point this project

But those are spring boot applications.

I have also seen some discussions on spring core, but they are discussing very specific issues.

Can anyone point me to some documentation or example for integration saml oauth2 with an existing spring mvc or servlet-based webapp not using spring boot?

It seems this question has been asked for a year now, and I’m not seeing any helpful answers.


Here’s a blog post / tutorial I wrote that should help: https://developer.okta.com/blog/2018/09/12/secure-java-ee-rest-api


Thank you Matt. That looks like what I need, but you lost me on

“To prove it works with a valid JWT, you can clone my Bootiful React project, and run its UI:”

Can you clarify what this step is doing and if it is optional or not.

I think I see the issue - this is for securing a rest api. I just want to secure a webapp. So I’m looking for okta to prevent my webbrowser from access to all the endpoints - /good-beers , /beers.jsf . How would this tutorial be modified to do that?


If you use the Spring Security part of the tutorial, you should be able to do what you’re looking for. https://developer.okta.com/blog/2018/09/12/secure-java-ee-rest-api#secure-your-java-rest-api-with-spring-security