SEC-2347: Polish

itest/context/src/integration-test/resources/http-extra-fsi-app-context.xml

@@ -15,6 +15,7 @@
         <sec:intercept-url pattern="/**" access="@fsi.getAccessDecisionManager() eq @accessDecisionManager" />
         <sec:form-login />
         <sec:custom-filter ref="fsi" after="FILTER_SECURITY_INTERCEPTOR " />
+        <sec:csrf disabled="true"/>
     </sec:http>
 
     <bean id="fsi" class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor">

itest/web/src/main/webapp/WEB-INF/http-security-concurrency.xml

@@ -27,6 +27,8 @@
         <session-management>
             <concurrency-control max-sessions="1" error-if-maximum-exceeded="true" />
         </session-management>
+
+        <csrf disabled="true"/>
     </http>
 
 </beans:beans>

itest/web/src/main/webapp/WEB-INF/http-security-custom-concurrency.xml

@@ -16,6 +16,8 @@
 
         <custom-filter position="CONCURRENT_SESSION_FILTER" ref="concurrencyFilter" />
         <custom-filter position="FORM_LOGIN_FILTER" ref="myAuthFilter" />
+
+        <csrf disabled="true"/>
     </http>
 
     <beans:bean id="aep" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint">

itest/web/src/main/webapp/WEB-INF/http-security.xml

@@ -27,6 +27,8 @@
         </session-management>
 
         <remember-me key="doesntmatter" token-repository-ref="tokenRepo"/>
+
+        <csrf disabled="true"/>
     </http>
 
     <beans:bean name="tokenRepo" class="org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl"/>