icon of an black x

Add Azure AD authentication to a Java web application using Datawiza in 5 mins

September 28, 2021
Weiyu Fang
blue curvy line
green curly line
white curly line

Do you want to learn how to add authentication to your Java application? In this step-by-step tutorial, you will learn how to integrate a Java application with Azure AD using Datawiza to implement OIDC/OAuth SSO for the Java application. 

What is a Java?

Java is a high-level, class-based, object-oriented programming language that is designed to have as few implementation dependencies as possible. It is a general-purpose programming language intended to let application developers write once, run anywhere (WORA), meaning that compiled Java code can run on all platforms that support Java without the need for recompilation. Java applications are typically compiled to bytecode that can run on any Java virtual machine (JVM) regardless of the underlying computer architecture.

Run a Java web application

We use the sample offered in Spring.io official Building an Application with Spring Boot as the example in this section. The application running at port 8080 simply returns “Greetings from Spring Boot!”

If you want to add SSO for Java web application using Azure AD, you may google for the Java library for Azure AD. And you will find the Microsoft Authentication Library for Java (MSAL4J), which is used to enables applications to integrate with the Microsoft identity platform. What’s more, there are many code samples, built and maintained by Microsoft, demonstrate authentication and authorization by using Azure AD and the Microsoft identity platform in several application types, development languages, and frameworks. However, you still need to spend a lot of time to clearly understand the concepts about Azure AD, OIDC, Oauth2, and so on. You deserve a better solution, and we are building one that will reduce the time required down to hours or days, even minutes.

Introduction to the Datawiza Platform

The Datawiza Platform is a cloud-delivered, SaaS-based access management solution. It includes a data plane and a control plane: Datawiza Access Broker (DAB) and Datawiza Cloud Management Console (DCMC).

DAB is a lightweight, container-based access proxy deployed close to your application via the sidecar (agent) or gateway mode. It talks to Azure AD on behalf of your applications, so you don’t need to worry about the integration work. DCMC is a cloud-based management console where you can configure and manage the policies of DABs. Such a SaaS-based design makes the whole platform much easier to use.

Simple configurations using Datawiza Cloud Management Console

Use your Azure AD Admin Account (this account should have the permission to create an app registration in the Azure AD tenant) to log in to the DCMC.

Follow the tutorial in Integrating a web application with Azure AD using Datawiza in 5 mins to create an application in DCMC. Note that when you configure the application, the port of  Upstream Servers should be 8080 instead of 3001:

Run DAB as a sidecar (agent) to your application

After finishing the configuration in DCMC, you can run the DAB with the YAML file noted in the previous step. The docker-compose YAML file should then be like this:

version: '3'
    image: registry.gitlab.com/datawiza/access-broker
    container_name: datawiza-access-broker
    restart: always
      - "9772:9772"
      PROVISIONING_KEY: #############################
      PROVISIONING_SECRET: #############################

Now, we can use docker-compose to create and start the DAB:

docker-compose -f datawiza-access-broker up -d

That's it. After executing the command above, the Node.js application should have SSO enabled with Azure AD.

Now, let's give it a try.

Open a browser and type in http://localhost:9772. You should see the Azure AD login page as follows. Note that if you are already logged into Azure AD in your browser, you may need to logout to see the login page.

After logging in to Azure AD, the Java web application will be shown.

This tutorial has shown you how to secure a Java application with Azure AD using Datawiza -- in minutes instead of hours or days. Get a free trial by signing in here. Please email us at contact@datawiza.com if you need any help or have any questions.