cleanup and upgrade

spring-security-mvc-session/pom.xml

@@ -87,14 +87,14 @@
         <dependency>
             <groupId>javax.servlet</groupId>
             <artifactId>javax.servlet-api</artifactId>
-            <version>3.0.1</version>
+            <version>${javax.servlet.version}</version>
             <scope>provided</scope>
         </dependency>
 
         <dependency>
             <groupId>javax.servlet</groupId>
             <artifactId>jstl</artifactId>
-            <version>1.2</version>
+            <version>${jstl.version}</version>
             <scope>runtime</scope>
         </dependency>
 
@@ -103,7 +103,7 @@
         <dependency>
             <groupId>com.codahale.metrics</groupId>
             <artifactId>metrics-core</artifactId>
-            <version>3.0.1</version>
+            <version>${codahale.metrics.version}</version>
         </dependency>
 
         <!-- logging -->
@@ -243,7 +243,10 @@
 
         <!-- various -->
         <hibernate-validator.version>5.2.2.Final</hibernate-validator.version>
-
+        <codahale.metrics.version>3.0.1</codahale.metrics.version>
+        <jstl.version>1.2</jstl.version>
+        <javax.servlet.version>3.0.1</javax.servlet.version>
+        
         <!-- util -->
         <guava.version>19.0</guava.version>
         <commons-lang3.version>3.4</commons-lang3.version>

spring-security-mvc-session/src/main/resources/webSecurityConfig.xml

@@ -12,10 +12,11 @@
         <intercept-url pattern="/login*" access="permitAll"/>
         <intercept-url pattern="/**" access="isAuthenticated()"/>
 
+        <csrf disabled="true"/>
+
         <form-login login-page='/login.html' authentication-success-handler-ref="myAuthenticationSuccessHandler" authentication-failure-url="/login.html?error=true"/>
 
         <logout delete-cookies="JSESSIONID"/>
-
         <remember-me key="uniqueAndSecret" token-validity-seconds="86400"/>
 
         <session-management invalid-session-url="/invalidSession.html">

spring-security-mvc-session/src/main/webapp/WEB-INF/view/console.jsp

@@ -16,7 +16,7 @@
 		<br/>
 	</security:authorize>
 
-	<a href="<c:url value="/j_spring_security_logout" />">Logout</a>
+	<a href="<c:url value="/logout" />">Logout</a>
 	
 </body>
 </html>

spring-security-mvc-session/src/main/webapp/WEB-INF/view/homepage.jsp

@@ -16,7 +16,7 @@
 		<br />
 	</security:authorize>
 
-	<a href="<c:url value="/j_spring_security_logout" />">Logout</a>
+	<a href="<c:url value="/logout" />">Logout</a>
 
 </body>
 </html>

spring-security-mvc-session/src/main/webapp/WEB-INF/view/login.jsp

@@ -4,20 +4,20 @@
 <body>
 	<h1>Login</h1>
 
-	<form name='f' action="j_spring_security_check" method='POST'>
+	<form name='f' action="login" method='POST'>
 
 		<table>
 			<tr>
 				<td>User:</td>
-				<td><input type='text' name='j_username' value=''></td>
+				<td><input type='text' name='username' value=''></td>
 			</tr>
 			<tr>
 				<td>Password:</td>
-				<td><input type='password' name='j_password' /></td>
+				<td><input type='password' name='password' /></td>
 			</tr>
 			<tr>
 				<td>Remember Me:</td>
-				<td><input type="checkbox" name="_spring_security_remember_me" /></td>
+				<td><input type="checkbox" name="remember_me" /></td>
 			</tr>
 			<tr>
 				<td><input name="submit" type="submit" value="submit" /></td>