Find file History
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

SDK for Java - Spring MVC Example


This example project utilizes Spring MVC and Spring Boot to provide a fully self-contained browser based example of implementing the SDK in a web application environment. The example application hooks directly into the Spring MVC Web Security flow. It implements webhooks to process authentication responses and logout requests. Rudimentary JavaScript exists on the home page to check for remote logout and force the user to re-authenticate.


This example requires a JVM for Java 1.7 or greater.

Follow the pre-requisites instructions for the SDK: SDK Instructions. The demo will utilize the Bouncy Castle JCE provider. Make sure to install that provider in the instructions.

You will also need a reverse proxy in order to allow for webhooks to process. Ngrok is free and simple to use. The examples in this document will be based on Ngrok. You may obtain Ngrok here.


Execute the Maven goal of package. Executing clean as well is never a bad idea. For example:

mvn clean package


  1. Launch the Spring Boot application by running the packaged jar in the target directory. The following Spring Boot environment properties are required for the example to work:
  • lk.service-id
  • lk.private-key-location

There are numerous ways to set those properties but the simplest way is usually to pass arguments to the JAR execution. This is an example of how to run the example app from the main project root with the project version of 4.0.0-SNAPSHOT:

java -jar examples/spring-mvc/target/examples-spring-mvc-4.0.0-SNAPSHOT.jar --lk.service-id=3cb7c699-be47-414f-830b-e81b9bb8cc40 --lk.private-key-location=/tmp/private-key.pem

The name and location of the JAR file are subject to change. If you downloaded the JAR, substitute that name. If you packaged the JAR with Maven, check the actual name of the version of the JAR build in the target directory directly under the directory containing this file. 2. Verify the server is running by accessing the URL of your web server: http://localhost:8080.

  1. Start your reverse proxy.
$ ngrok http 8080

Once started, you should see a a screen similar to:

ngrok by @inconshreveable                                       (Ctrl+C to quit)
Tunnel Status                 online                                            
Version                       2.0.19/2.0.19                                     
Web Interface                                    
Forwarding           -> localhost:8080        
Forwarding           -> localhost:8080       
Connections                   ttl     opn     rt1     rt5     p50     p90       
                            0       0       0.00    0.00    0.00    0.00      

  1. Verify your reverse proxy by accessing the reverse proxy endpoint. The endpoint will be the first part of one of the Forwarding lines. Based on the example above it would be or Copy your value for the Forwarding endpoint into you browser to ensure it is working correctly. If working correctly, it will displaying the same web page you saw when verifying your web server as well as show 200 OK responses in the HTTP Requests section of the ngrok screen like below:

ngrok by @inconshreveable (Ctrl+C to quit)

Tunnel Status online
Version 2.0.19/2.0.19
Web Interface
Forwarding -> localhost:8080
Forwarding -> localhost:8080

Connections ttl opn rt1 rt5 p50 p90
0 1 0.00 0.00 0.00 0.00

HTTP Requests

GET / 302 Found

  1. Now that your web server and reverse proxy are working, update your Service Profile with the webhook callback URL. This is done by placing the URL you just verified from Ngrok plus the path /webhook into the callback field in the General section of your Application configuration in the Dashboard. Based ion the Ngrok example above the callback URL would be:

  2. Access the home page at http://localhost:8080. You will be redirected to the /login page the first time you access the page.

  3. Enter your username or, if the Application Key is for a White Label Application, White Label identifier.

  4. Authorize or deny the request. Authorizing will redirect you to the home page. Denying will redirect you to a login error page. Not responding will also redirect you the login error page after the timeout of five (5) minutes.

  5. Winning! - You should be ready to try the demo and see how to quickly and easily secure your Java application.