I am using Spring Security 3.2.3 in my Spring MVC application and getting some unexpected behavior.
According to the documentation here, it should be possible to us
You have an incorrect configuration for springSecurityFilterChain in your web.xml. The correct definition is:

    <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>

Spring Security uses a set of servlet filters to provide the functionality it offers (including CSRF protection). These filters are defined as Spring beans (i.e. they are instantiated and managed by the Spring application context). DelegatingFilterProxy is a special type of servlet filter that finds the root application context on the registered servlet context and delegates every call to the same-named bean.
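
A way to check a web.xml for the wiring this answer describes, as an added example that is not part of the original answer: it reports when no DelegatingFilterProxy resolves to the springSecurityFilterChain bean, which would leave the security filters (CSRF protection included) out of the request path. It goes slightly beyond the answer by also honouring DelegatingFilterProxy's `targetBeanName` init-param and by requiring a filter-mapping; the function name and the sample descriptors are constructed for illustration.

```python
import xml.etree.ElementTree as ET

PROXY = "org.springframework.web.filter.DelegatingFilterProxy"
BEAN = "springSecurityFilterChain"  # bean name Spring Security registers

def _local(tag):
    return tag.rsplit("}", 1)[-1]  # drop the XML namespace, if any

def _text(parent, name):
    for child in parent:
        if _local(child.tag) == name:
            return (child.text or "").strip()
    return None

def check_web_xml(xml_text):
    """Return a list of problems with the Spring Security filter wiring."""
    problems, delegating, mapped = [], set(), set()
    for el in ET.fromstring(xml_text):
        kind = _local(el.tag)
        if kind == "filter-mapping":
            mapped.add(_text(el, "filter-name"))
        if kind != "filter":
            continue
        name, cls = _text(el, "filter-name"), _text(el, "filter-class")
        if cls != PROXY:
            if name == BEAN:
                problems.append(f"filter '{name}' uses {cls}, expected {PROXY}")
            continue
        target = name  # default: delegate to the bean named like the filter
        for p in el:
            if _local(p.tag) == "init-param" and _text(p, "param-name") == "targetBeanName":
                target = _text(p, "param-value")
        if target == BEAN:
            delegating.add(name)
    if not delegating and not problems:
        problems.append(f"no DelegatingFilterProxy delegates to bean '{BEAN}'")
    problems += [f"filter '{n}' has no <filter-mapping>" for n in sorted(delegating - mapped)]
    return problems

# Constructed sample descriptors (not the asker's files).
_WRAP = "<web-app xmlns='http://java.sun.com/xml/ns/javaee'>%s</web-app>"
_MAP = "<filter-mapping><filter-name>springSecurityFilterChain</filter-name><url-pattern>/*</url-pattern></filter-mapping>"
GOOD = _WRAP % ("<filter><filter-name>springSecurityFilterChain</filter-name>"
                f"<filter-class>{PROXY}</filter-class></filter>" + _MAP)
BAD = _WRAP % ("<filter><filter-name>springSecurityFilterChain</filter-name>"
               "<filter-class>org.springframework.security.web.FilterChainProxy</filter-class></filter>" + _MAP)

if __name__ == "__main__":
    print(check_web_xml(GOOD), check_web_xml(BAD))
```
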