I did not find any relevant documentation on CAS. But when I check source code I can see there is a CSRF support for embedded tomcat. If this is the case then make this property true:
cas.server.csrf you can find the source code I mention here: https://github.com/apereo/cas/blob/master/webapp/cas-server-webapp-init-tomcat/src/main/java/org/apereo/cas/config/CasEmbeddedContainerTomcatFiltersConfiguration.java#L34 -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/cdee7a25-ffee-470e-b56f-21c0466e1d4f%40apereo.org.
