This repository contains examples of how to secure a "legacy" servlet application Spring Cloud Gateway.
This repository has two examples in it:
cloud-gateway- A basic Spring Cloud Gateway application that proxies and secures downstream requestslegacy-servlet-app- A simple servlet application.
- See the Add OAuth 2.0 to Legacy Apps with Spring Cloud Gateway learn more about how these projects were created.
Prerequisites: Java 8.
To install this example, run the following commands:
git clone https://github.com/oktadeveloper/okta-legacy-with-cloud-gateway-example.git
cd okta-legacy-with-cloud-gateway-example/cloud-gatewayLog in to your Okta Developer account (or sign up if you don't have an account).
- From the Applications page, choose Add Application.
- On the Create New Application page, select Web.
- Give your app a memorable name, add
http://localhost:8080/login/oauth2/code/oktaas a Login redirect URI, select Refresh Token (in addition to Authorization Code), and click Done.
Copy the issuer (found under API > Authorization Servers), client ID, and client secret into the src/main/resources/application.yml file of the cloud-gateway project.
okta:
oauth2:
issuer: https://{yourOktaDomain}/oauth2/default
client-id=$clientId
client-secret=$clientSecretThen, run the project with: ./mvnw spring-boot:run
In a seperate terminal window (in the same git repostiory as above) run:
cd legacy-servlet-app
./mvnw jetty:run -Dokta.oauth2.issuer=https://{yourOktaDomain}/oauth2/defaultNOTE: the "issuer" must be the same in both projects.
Browse to http://localhost:8080 in an incognito/private window to login and view the user profile data.
These examples uses the following open source libraries:
Please post any questions as comments on the example's blog post, or on the Okta Developer Forums.
Apache 2.0, see LICENSE.