Spring boot micro services with pre-Authenticated filter using CSRF protection

Question

I am using SSO and preAuthenticated Filter in my micro services. Micro services are built using spring boot and are stateless in nature. How can I apply CSRF protection across all micro services using spring security. Please let me know if any solution is available to implement CSRF for this scenario.

Answer 1

You are probably looking for a proxy server. Take a look at Zuul and its security filters:

https://github.com/spring-cloud/spring-cloud-netflix/issues/796

https://github.com/spring-cloud/spring-cloud-security/issues/88