single sign on - Invalid CSRF Token 'null' was found on the request parameter '_csrf' or header 'X-CSRF-TOKEN' Spring SAML -
we implementing sso using spring saml, after getting authenticated when user gets redirected application getting following issue
invalid csrf token 'null' found on request parameter '_csrf' or header 'x-csrf-token' following code. login.html
<form class="form" role="form" ng-submit="login($event)"> <div class="form-group"> <label for="username">login</label> <input type="text" class="form-control" id="username" placeholder="your login" ng-model="username"> </div> <div class="form-group"> <label for="password">password</label> <input type="password" class="form-control" id="password" placeholder="your password" ng-model="password"> </div> <div class="form-group"> <label for="rememberme"> <input type="checkbox" id="rememberme" ng-model="rememberme" checked> <span>automatic login</span> </label> </div> <input type="hidden" name="${_csrf.parametername}" value="${_csrf.token}"/> <button type="submit" class="btn btn-primary">authenticate</button> </form> index.html
<meta http-equiv="x-ua-compatible" content="ie=edge"> <meta name="_csrf_parameter" content="_csrf" /> <meta name="_csrf_header" content="x-csrf-token" /> <meta name="_csrf" content="${_csrf.token}" /> secutityconfig.java
@bean public csrftokenrepository csrftokenrepository() { httpsessioncsrftokenrepository repository = new httpsessioncsrftokenrepository(); repository.setsessionattributename("_csrf"); return repository; } @override protected void configure(httpsecurity http) throws exception { http .csrf() .csrftokenrepository(csrftokenrepository()) .and() .addfilterafter(new csrfcookiegeneratorfilter(), csrffilter.class) .exceptionhandling() .authenticationentrypoint(authenticationentrypoint) please guide mt wrong doing.
thanks & regards mahesh
Comments
Post a Comment