I’ve got this example to work. Get Started with Spring Boot, SAML, and Okta | Okta Developer
I have an legacy app that I would like to secure the REST endpoints. Backend is a standard Springframework app that is deployed to Tomcat.
Have anyone gotten it to work?
I’ve got it mostly working, app allows me to login through Okta then I am getting this error
HTTP Status 401 - Authentication Failed: Incoming SAML message is invalid
I believe the error is from SAMLProcessingFilter.java → SAMLProcessorImpl.java line 105.
Am I missing some configuration or some dependency?
I am using the SecurityConfiguration.java from the example.
Here is a web.xml:
<servlet>
<servlet-name>rest</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>rest</servlet-name>
<url-pattern>/resources/*</url-pattern>
</servlet-mapping>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
Here is the applicationsContext.xml
<context:annotation-config/>
<context:component-scan base-package="com.example"/>
<context:component-scan base-package="org.springframework.security.saml"/>