I am using Spring framework version 4.3.5.RELEASE. Spring security version is 4.2.2.RELEASE.
I am facing a strange issue related to CSRF. Whenever I submit a form (from a JSP file), Sometimes it works fine, the form gets submitted without error but sometimes after submitting the form, it shows Http Status 405 ? Method not supported. I have included csrf token too, both in hidden field as well as appended it as query string in form's action's tag.
Here is an example POST form from my project:
<form:form class="form-horizontal" method="POST" modelAttribute="dealerVisit" enctype="multipart/form-data"
action="http://localhost:8080/update/edit.html?${_csrf.parameterName}=${_csrf.token}">
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}">
</form:form>
Here is the controller where I am submitting the above form:
@RequestMapping(value = "/update/edit.html", method = RequestMethod.POST)
public String saveEdit(ModelMap map, @Valid @ModelAttribute(MODEL_KEY) DealerVisitVO dealerVisitVO, BindingResult result,
@RequestParam(required = false, name="followup") Boolean followup) {
//my codes here
}
The problem is coming random. It works sometimes and sometimes it doesnt. With no change in code or form. Disabling the CSRF is not a possible solution as this is 1 requirement of my client.
Please help if anyone was able to solve.