Spring 3.1 MVC, Spring Security 3.1 - CSRF token

Question

At the moment I am searching for a possibility to include CRSF tokens in Spring MVC and Spring Security forms. What is the easiest solution that covers both (Spring Security

Answer 1

Spring 3.1 introduced a new interface named RequestDataValueProcessor. Using this interface you can easily (and automatically - without any changes to your JSP or controllers!) register CSRF tokens to HTTP forms. You can see a detailed example in here, it also refers to the sample code on github (so you can just take it from there and use it in your application).