devonfw / devon4j

devonfw Java stack - create enterprise-grade business apps in Java safe and fast
Apache License 2.0
82 stars 88 forks

CSRF support in Quarkus #448

Closed ssarmokadam closed 2 years ago

ssarmokadam commented 2 years ago

Current documentation can be found at https://devonfw.com/website/pages/docs/devon4j.wiki_devon4j.asciidoc_guides.html#guide-csrf.asciidoc. Move the CSRF concept/overview part to the General section. Add CSRF in devon4j and CSRF support in Quarkus. Reference: https://github.com/quarkusio/quarkus/issues/8399

baumeister25 commented 2 years ago

Hi @ssarmokadam,

In addition to the docu, I see the following module in devon4j for CSRF. In my eyes the module does not provide much benefit. I think it could be removed in favour of a step-by-step guide for Quarkus and Spring.

https://github.com/devonfw/devon4j/tree/master/modules/security-csrf

ssarmokadam commented 2 years ago

Hey team! Please add your planning poker estimate with ZenHub @isandesh1986 @sujith-mn

ssarmokadam commented 2 years ago

I am able to get the csrftoken with the undertow library. But login for the user is missing in the sample app. Currently I am implementing the login functionality.

hohwille commented 2 years ago

As always, the website links are meanwhile broken (404). I put the stable GitHub link here for the record: https://github.com/devonfw/devon4j/blob/master/documentation/guide-csrf.asciidoc

This guide is already quite nice, but it would need some small distinction between Spring and Quarkus. As Quarkus does not implement CSRF protection, I would simply suggest to like the according issue and suggest to always use JWT.