| title | Java Web App Tutorial | ||||||
|---|---|---|---|---|---|---|---|
| name | Java | ||||||
| image | /media/platforms/java.png | ||||||
| tags |
|
||||||
| snippets |
|
||||||
| alias |
|
You can get started by either downloading the seed project or if you would like to add Auth0 to an existing application you can follow the tutorial steps.
::: panel-info System Requirements This tutorial and seed project have been tested with the following:
- Java 1.8
- Maven 3.3 :::
<%= include('../_includes/_package', { pkgRepo: 'auth0-servlet', pkgBranch: 'master', pkgPath: 'examples/java-regular-webapp', pkgFilePath: 'examples/java-regular-webapp/src/main/webapp/WEB-INF/web.xml', pkgType: 'replace' }) %>
If you have an existing Java WebApp, please follow the steps below.
Add the following dependencies to your pom.xml and run mvn install.
${snippet(meta.snippets.dependencies)}
We need to configure auth0-servlet to use our Auth0 credentials. For that, just modify the web.xml
<context-param>
<param-name>auth0.client_id</param-name>
<param-value>${account.clientId}</param-value>
</context-param>
<context-param>
<param-name>auth0.client_secret</param-name>
<param-value>${account.clientSecret}</param-value>
</context-param>
<context-param>
<param-name>auth0.domain</param-name>
<param-value>${account.namespace}</param-value>
</context-param>We need to add the handler for the Auth0 callback so that we can authenticate the user and get his information. For that, we'll use the Servlet provided by the SDK. We have to configure it on the web.xml
${snippet(meta.snippets.setup)}
${include('./_callbackRegularWebApp')}
In this case, the callbackURL should look something like:
http://yourUrl/callback
${lockSDK}
Warning: Auth0 Java requires that you specify the
stateparameter in Auth0 Widget or Auth0 Lock. The Login servlet must propagate the nonce and pass it to the JSP page. For an example of this, check the seed project above.
Note: Please note that the
callbackURLspecified in theAuth0Lockconstructor must match the one specified in the previous step
You can access the user information from Auth0User by calling Auth0User.get(request) or you can get the information directly from the Session variable user
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse resp) throws ServletException, IOException
{
resp.setContentType("text/html");
resp.setStatus(HttpServletResponse.SC_OK);
resp.getWriter().println("<!DOCTYPE html>\n" +
"<html>\n" +
" <head>\n" +
" <meta http-equiv=\"content-type\" content=\"text/html; charset=utf-8\" />\n" +
" <title>Login</title>\n" +
" </head>\n" +
" <body>\n");
// This is the same as Request.getSession().getAttribute("user");
Auth0User user = Auth0User.get(request);
resp.getWriter().println("<h1>Welcome</h1>");
resp.getWriter().println("<img src=\"" + user.getPicture() + "\" />");
resp.getWriter().println("<p>Hello " + user.getName() + "!</p>");
resp.getWriter().println(" </body>\n" +
"</html>");
}You have configured your Java Webapp to use Auth0. Congrats, you're awesome!
You can add a Filter to check if the user is authenticated and redirect him to the login page if he's not. For that, we need to configure it in the web.xml
<filter>
<filter-name>AuthFilter</filter-name>
<filter-class>com.auth0.Auth0Filter</filter-class>
<init-param>
<param-name>auth0.redirect_on_authentication_error</param-name>
<param-value>/login</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>AuthFilter</filter-name>
<url-pattern>/user/*</url-pattern>
</filter-mapping>