Java/Spring Quickstart Skip to main content
https://support.okta.com/help/answers?id=9062a000000qufqqa0&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fanswers
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Gary EnglandGary England 

Java/Spring Quickstart

Hello,

I'm trying to implement the guide found here: https://developer.okta.com/quickstart/#/angular/java/spring

I got the Angular 2 front-end app implemented and running and working perfectly. Redirects to our Okta preview site, redirects back, all that. Now I'm working on the Java/Spring API backend piece. According to the guide, it's quite simple. Install the Okta dependency, add your configs, add a controller, and you're off and running.

However, I have found that I once I install the Okta dependency (I spun up an new Spring Boot Web MVC app), I experience CORS issues. I have implemented CORS in two ways:
In the API: https://spring.io/guides/gs/rest-service-cors/
In Okta: https://developer.okta.com/docs/api/getting_started/enabling_cors.html

However, that still doesn't resolve the CORS issue. After trying every which way under the sun to overcome the CORS issue, I found this solution and implemented it:
https://stackoverflow.com/questions/30632200/standalone-spring-oauth2-jwt-authorization-server-cors/30638914#30638914

But, that doesn't "feel" right. I don't think, after doing the two CORS solutions above, I should still be running into any CORS issues. So, after implementing that last CORS solution, I no longer get CORS issues. However, now I get the following error in the front-end console:

An I/O error occurred while reading from the JWK Set source: Server returned HTTP response code: 403 for URL: https://{mydomain}.oktapreview.com/oauth2/default/v1/keys

Any advice on the CORS issue, or this I/O error issue would be much appreciated. I'm hitting a wall with this.

Thanks,
Gary

Eugen DumitruEugen Dumitru (Okta, Inc.)
Hi Gary,
The Forbidden access error might be that CORS and Redirect isn't configured in Okta or it might be as it's described on this thread https://github.com/spring-projects/spring-security-oauth/issues/1133 . 
You can ask the Developers for information @ https://devforum.okta.com/ or if feel it's an issue you can always create a case.

Thank you,
Eugen Dumitru
Sudhakar PolamreddySudhakar Polamreddy
Hi Eugen/Gary,

Have you implemented OKTA integration with your Java application? I am trying to integrate my Java Web Application with Okta using openid connect. Appreciate any help on going with the right direction of implementation. There are different ways that I have seen in the forums, Spring, Apachi Shino and Rest API calls. I started with Spring security and stuck in the middle. Please suggest the best way. We want to go with custom login page.