jogiwithjosh/Redis-Csrf-Repository

CsrfRestExample

An example of how to secure a scalable Spring Boot REST application against CSRF without using a session.

Anti-CSRF tokens are stored in a Redis database so that multiple instances of the application can share them. Spring Security is instructed to use this TokenRepository instead of the default HttpSessionCsrfTokenRepository.

GET /info

Unauthorized access to the info resource.

GET /login

Authorized resource that also returns the csrf_token in the response headers.

PUT /info

Authorized access to a resource that can be accessed only with the correct csrf_token.
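
A sketch of what a Redis-backed token repository like the one described above can look like. This is an added example, not this repository's own code. Assumptions: Spring Security 5.x (`javax.servlet`) with Spring Data Redis 2.1 or later, a class name, key prefix, parameter name and 30-minute lifetime chosen here for illustration, and a client that sends a high-entropy bearer credential in `Authorization` on every request, which is hashed to form the Redis key.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.time.Duration;
import java.util.Base64;
import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.security.web.csrf.*;

public class RedisCsrfTokenRepository implements CsrfTokenRepository {
    private static final String HEADER = "csrf_token";           // header name from this README
    private static final String PARAMETER = "_csrf";             // assumed form parameter name
    private static final Duration TTL = Duration.ofMinutes(30);  // assumed token lifetime
    private final StringRedisTemplate redis;

    public RedisCsrfTokenRepository(StringRedisTemplate redis) { this.redis = redis; }

    @Override
    public CsrfToken generateToken(HttpServletRequest request) {
        // UUID.randomUUID() draws from SecureRandom
        return new DefaultCsrfToken(HEADER, PARAMETER, UUID.randomUUID().toString());
    }

    @Override
    public void saveToken(CsrfToken token, HttpServletRequest request, HttpServletResponse response) {
        String key = keyFor(request);
        if (key == null) return;                           // no credential: nothing to bind a token to
        if (token == null) { redis.delete(key); return; }  // Spring passes null to clear the token
        redis.opsForValue().set(key, token.getToken(), TTL);
        response.setHeader(HEADER, token.getToken());      // hand the new token to the client
    }

    @Override
    public CsrfToken loadToken(HttpServletRequest request) {
        String key = keyFor(request);
        String value = (key == null) ? null : redis.opsForValue().get(key);
        // null makes CsrfFilter generate a fresh token, so an unknown client never matches
        return (value == null) ? null : new DefaultCsrfToken(HEADER, PARAMETER, value);
    }

    // Assumption: Authorization carries a high-entropy bearer credential; only its hash reaches Redis.
    private static String keyFor(HttpServletRequest request) {
        String auth = request.getHeader("Authorization");
        if (auth == null) return null;
        try {
            byte[] digest = MessageDigest.getInstance("SHA-256").digest(auth.getBytes(StandardCharsets.UTF_8));
            return "csrf:" + Base64.getUrlEncoder().withoutPadding().encodeToString(digest);
        } catch (NoSuchAlgorithmException e) { throw new IllegalStateException(e); }
    }
}
```

It is registered with `http.csrf().csrfTokenRepository(new RedisCsrfTokenRepository(redisTemplate))`. Every application instance pointing at the same Redis then validates the same token, and the comparison against the request header is done by Spring Security's `CsrfFilter`.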
