Simple example of Spring Security with Thymeleaf

Question

hi I\'m trying to follow a simple example about doing a simple login form page that i found in this page http://docs.spring.io/autorepo/docs/spring-security/4.0.x/guid

Answer 1

Maybe that small piece of information helps anybody out: It is also mandatory to have the form attributed with th:action. Just attributing plain HTML action won't do and the hidden CSRF input filed won't be added automatically.

Couldn't find that piece of information documented anywhere and spent 2h research on that. I had attributed the form with action="#" and set the corresponding value by javascript. The CSRF token input field wasn't added automatically until added th:action="@{#}" to the form. Works like a charm now.