1

Rest services implemented using Spring boot and secured with Spring security is deployed on wildFly 10. Angular application is on NodeJS.

The application works when deployed on Tomcat. When deployed on Wildfly get services are working but for post getting an error

"403 forbidden" "Invalid CSRF Token 'null' was found on the request parameter '_csrf' or header 'X-XSRF-TOKEN'"

When we set X-XSRF-TOKEN from postman for post services it works, but from angular "X-XSRF-TOKEN" not passed as request header. And at server cookie value is null in the request.

Tried following Options but still facing the same issue
1. CookieXSRFStrategy, httpClientXSRFModule to explicitly set Header , but we are getting token as null
2. Modified standalone to enable CORS
3. in spring boot profile property set : server.servlet.session.tracking-modes=cookie
4. Proxy.config.json in angular

Technology: 1. Spring boot 1.5/ Spring Security
2. Angular 5
2. WildFly 10

Authentication request:

User Login request

Post Request

Savita Singh
  • 33
  • 5

1 Answers1

0

having same issue in my project ...when added proxy.config.json it asks for credentials for each request...as new cookie is getting set for each request

Sayali Dingankar
  • 43
  • 6
  • 2
    When you are answering to a post make sure you are giving a solution, nut not a different version of the question that you might have faced. If you think you are facing the same issue then use the comment feature to add your scenario to the post and upvote the question. – WorksOnMyLocal Apr 26 '18 at 06:14