How to Customize the Spring Security CsrfAuthenticationStrategy to use XorCsrfTokenRequestAttributeHandler in Spring Security 5.

admin•2025-04-26 13:15:14•questions•阅读2

The CsrfAuthenticationStrategy in Spring Security 5.8 is instantiated with CsrfTokenRequestAttributeHan

The CsrfAuthenticationStrategy in Spring Security 5.8 is instantiated with CsrfTokenRequestAttributeHandler by default: .8.x/web/src/main/java//springframework/security/web/csrf/CsrfAuthenticationStrategy.java#L45

In Spring 6.X I see it has been changed to: .java#L44

In the project's Spring Security config, the XorCsrfTokenRequestAttributeHandler is used in the <security:csrf token-repository-ref="csrfTokenRepository" request-matcher-ref="csrfProtectionMatcher" request-handler-ref="xorCsrfTokenRequestAttributeHandler" />, however, this is not taken into account when the CsrfAuthenticationStrategy is instantiated. Is there a way to customize this behaviour?

The session-authentication-strategy-ref is already pointing to custom implementation, so using that is not an option.

发布者：admin，转转请注明出处：http://www.yc00.com/questions/1745615398a4636204.html

admin

questions
metadata - Error During 'Sugar Deploy' on Solana Devnet (Using Sugar V2)Cant finish deploy of my NFTs on Solana
I'm currently working on deploying an NFT collection on the Solana Devnet using Sugar V2. The suga
admin
23分钟前
10
questions
javascript: can not use global variable in a function, to navigate the dom - Stack Overflow
beginner here...what am i missing?i define a global variable that is a reference to an html element:va
admin
23分钟前
10
questions
javascript - Google Maps: geocode addresses asynchronously, but get their responses in order - Stack Overflow
I'm trying to plot lines between two or more addresses in Google Maps. The idea is that addresses
admin
23分钟前
00
questions
How to track product productionseller cost and analyze profits in Sylius? - Stack Overflow
I am using Sylius just as a housekeeping for my local business. My plan is to create fake online orders
admin
22分钟前
10
questions
sqlite - How do I simplify this model with a double reference? - Stack Overflow
My CRUD application's data models:What is the proper way to set up the FilmGroup model? It has a o
admin
19分钟前
00
questions
javascript - How to do load page in Angular JS? - Stack Overflow
How to load content on page by clicking on menu links?For example, there is menu:<a href="#&qu
admin
17分钟前
10
questions
javascript - skrollr : Horizontal scroll with smooth scrolling not working - Stack Overflow
I am trying to build a site using skrollr. This is the jFiddle link to what I have tried yet. But as yo
admin
17分钟前
10
questions
assembly - Where is the offset of the Y register from the callstack frame in avr-gcc coming from? - Stack Overflow
On the avr-gcc website () it says that the frame pointer (Y register) is off by one byte so Y+1 points
admin
16分钟前
10
questions
javascript - React.js How can I convert string base64 to normal image - Stack Overflow
I convert image type png to string into my backend how can I show it as normal image from my backend to
admin
14分钟前
00
questions
javascript - Calculating percent coverage of 1000m raster by 30m raster - Stack Overflow
I have two rasters, one of restoration opportunity at 1000m and one of deforestation from 2019-2023 at
admin
13分钟前
00
questions
javascript - EasyAutocomplete: change the returned value - Stack Overflow
I would like to use the EasyAutplete plugin to create an autoplete list for the user and then to send t
admin
13分钟前
00
questions
visual studio 2010 - How to create a C++ COM object (with class factory) using ATL and VS2010 callable from Javascript - Stack O
I need to create a COM object which is callable from Javascript.I've been told that to do this,
admin
12分钟前
00
questions
javascript - window.onunload only fires when a tab is closed in firefox, not the entire browser - Stack Overflow
UPDATESo after reading both of your answers I realize there is no reliable way to determine when a brow
admin
8分钟前
00
questions
c# - Using the same view for different ViewModels in WinUI3 - Stack Overflow
In a WinUI3 project, I have 3 views IconEditorView, ColorEditorView, and ImageEditorView, each with the
admin
4分钟前
00
questions
javascript - Radio button onoff trigger works only one way - Stack Overflow
So this is the dumbest thing I've struggled with in awhile. I cannot get the state of a simple rad
admin
4分钟前
00
questions
javascript - How to get the next element of an array with Jquery onclick - Stack Overflow
Hi all i am trying to change the html of an object from an array of htmls. But i am having problem iter
admin
2分钟前
00
questions
javascript - Insert just opening HTML tags after an element? - Stack Overflow
I would like to insert a couple of opening DIV tags after the H1 element on a page, without inserting t
admin
2分钟前
00
questions
javascript - Better way to handle 404 page not found in a React app - Stack Overflow
I'm working on a React app and i'm trying to figure out a better way to redirect to 404 page
admin
1分钟前
00
questions
php - Error "This site can’t be reached, localhost refused to connect" after upgrading to Laravel 11 while sen
I am working on a Laravel project that uses Firebase Firestore to manage some data. Initially, I was us
admin
1分钟前
00
questions
php - Symfony 7 returns duplicate response - Stack Overflow
I need some help with a strange problem on Symfony 7.1 that i can not figure out.I set up locally a Sy
admin
46秒前
00

发表回复

评论列表（0条）

暂无评论

How to Customize the Spring Security CsrfAuthenticationStrategy to use XorCsrfTokenRequestAttributeHandler in Spring Security 5.

发表回复

评论列表（0条）

联系我们

400-800-8888

How to Customize the Spring Security CsrfAuthenticationStrategy to use XorCsrfTokenRequestAttributeHandler in Spring Security 5.

相关推荐

发表回复

评论列表（0条）

联系我们

400-800-8888