Spring Security, Stateless REST service and CSRF

Question

I have a REST service, built using Java, Spring-boot and using Spring Security with Basic Access Authentication. There are no Views, no JSP etc, no \'login\', just stateles

Answer 1

If you want to disable csrf in more proper way you can call it like this(if using java configuration)

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests()
            .anyRequest().fullyAuthenticated()
            .and().httpBasic();
       .and()
            .csrf()
            .disable()