I developed java application using spring mvc and spring security. and when i upload and deploy the WAR
file on tomcat7 it fails and give me this messages in the url:
manager/html/upload?org.apache.catalina.filters.CSRF_NONCE=982F861CA67920658BC340994D5B7A32
How can i fix the problem and upload my web application properly ?
[EDITED] My code:
<http auto-config="true" use-expressions="true">
<csrf/>
<!-- custom login -->
<form-login login-page="/login" login-processing-url="/login" username-parameter="custom_email"
password-parameter="custom_password" authentication-failure-url="/login?error=true"/>
<remember-me key="remember-me"/>
<!-- css and js-->
<intercept-url pattern="resources/cms/**" access="permitAll"/>
<intercept-url pattern="resources/home/**" access="permitAll"/>
<intercept-url pattern="/wro/**" access="permitAll"/>
<intercept-url pattern="/cms/**" requires-channel="any" access="hasRole('ROLE_ADMIN')"/>
<intercept-url pattern="/account/**" requires-channel="any" access="isAuthenticated()"/>
<intercept-url pattern="/cart/**" requires-channel="any" access="isAuthenticated()"/>
<intercept-url pattern="/checkout/**" requires-channel="any" access="isAuthenticated()"/>
<logout logout-url="/logout" logout-success-url="/login"/>
<!--<csrf disabled="true"/>-->
</http>
<authentication-manager>
<authentication-provider user-service-ref="customUserDetailsService">
<password-encoder ref="passwordEncoder"/>
</authentication-provider>
</authentication-manager>
Edit your Spring-security.xml
<http auto-config="true" use-expressions="true">
...
<csrf disabled="true"/>
</http>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.