Spring Security CSRF: How to retrieve token in Java
Question
I can see how to include the CSRF token in a JSP form, simply include the line
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
and you're done. But, how can I get the parameter name and token in one of my @Controler classes? I've looked through docs and found nothing on this, and also looked through both Model and HttpSession attributes and failed to find it.
1 answers
solution1
3 2015-03-08 21:54:35
you can retrieve the token use:
CsrfToken token = (CsrfToken) request.getAttribute("_csrf");
You can have the request in the controller method parameter list.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Spring Security not creating CSRF token
Java spring Security | JWT csrf token doesn't work on /login
How to obtain csrf token in a velocity macro when using spring security
Spring Security 4 JTwig put CSRF token in forms
Different csrf token per request in Spring security
Spring Security CSRF Token not working with AJAX
Expected CSRF token not found Spring Security
Spring Security denies logout CSRF token
Spring security csrf disabled, still get an Invalid CSRF token found
How to do Spring security with authentication token in java
Related Tags