Spring Security CSRF Token Filter

A Spring Security Filter that binds the existing CSRF token values to response headers.

License

License

Categories

Categories

Security
GroupId

GroupId

com.allanditzel
ArtifactId

ArtifactId

spring-security-csrf-token-filter
Last Version

Last Version

1.1
Release Date

Release Date

Type

Type

jar
Description

Description

Spring Security CSRF Token Filter
A Spring Security Filter that binds the existing CSRF token values to response headers.
Project URL

Project URL

https://github.com/aditzel/spring-security-csrf-filter
Source Code Management

Source Code Management

https://github.com/aditzel/spring-security-csrf-filter

Download spring-security-csrf-token-filter

How to add to project

<!-- https://jarcasting.com/artifacts/com.allanditzel/spring-security-csrf-token-filter/ -->
<dependency>
    <groupId>com.allanditzel</groupId>
    <artifactId>spring-security-csrf-token-filter</artifactId>
    <version>1.1</version>
</dependency>
// https://jarcasting.com/artifacts/com.allanditzel/spring-security-csrf-token-filter/
implementation 'com.allanditzel:spring-security-csrf-token-filter:1.1'
// https://jarcasting.com/artifacts/com.allanditzel/spring-security-csrf-token-filter/
implementation ("com.allanditzel:spring-security-csrf-token-filter:1.1")
'com.allanditzel:spring-security-csrf-token-filter:jar:1.1'
<dependency org="com.allanditzel" name="spring-security-csrf-token-filter" rev="1.1">
  <artifact name="spring-security-csrf-token-filter" type="jar" />
</dependency>
@Grapes(
@Grab(group='com.allanditzel', module='spring-security-csrf-token-filter', version='1.1')
)
libraryDependencies += "com.allanditzel" % "spring-security-csrf-token-filter" % "1.1"
[com.allanditzel/spring-security-csrf-token-filter "1.1"]

Dependencies

provided (3)

Group / Artifact Type Version
javax.servlet : javax.servlet-api jar 3.1.0
org.springframework.security : spring-security-web jar 3.2.0.RELEASE
org.springframework.security : spring-security-config jar 3.2.0.RELEASE

test (5)

Group / Artifact Type Version
junit : junit jar 4.11
org.mockito : mockito-all jar 1.9.5
org.slf4j : slf4j-api jar 1.7.7
org.slf4j : slf4j-simple jar 1.7.7
org.slf4j : jcl-over-slf4j jar 1.7.7

Project Modules

There are no modules declared in this project.

Build Status #Spring Security CSRF Token Filter

The idea behind this filter is to be able to use Spring Security to build a Single Page Application with whatever front end technology you would like such as Ember, Angular, Backbone, etc.

By default, Spring Security assumes that you are going to be rendering all your pages on the server, so you are expected to use their expression language to print out the CSRF tokens to make it available to your UI layer. This filter is meant to allow you to automatically expose the CSRF token data from Spring on all HTTP response headers.

#Installation:

This can be installed via Maven:

<dependency>
    <groupId>com.allanditzel</groupId>
    <artifactId>spring-security-csrf-token-filter</artifactId>
    <version>1.1</version>
</dependency>

#Usage:

If you are using JavaConfig you just have to add it to a configure block for HttpSecurity:

protected void configure(HttpSecurity http) throws Exception {
    CsrfTokenResponseHeaderBindingFilter csrfTokenFilter = new CsrfTokenResponseHeaderBindingFilter();    
    http.addFilterAfter(csrfTokenFilter, CsrfFilter.class);
}

#Credits: Credit goes to the authors of the great discussion on stackoverflow.com:

http://stackoverflow.com/questions/20862299/with-spring-security-3-2-0-release-how-can-i-get-the-csrf-token-in-a-page-that

#License: Apache 2.0

Versions

Version
1.1