Thibaud Lepretre

@liyiorg > The following code is not valid in version 1.0.0 , But invalid in version 0.8.1。 Do you mean *valid* in version 0.8.1 ? And what do you mean...

@liyiorg do you have small project to test, or if not possible could you please share with me your `security.cas.*` configuration?

@Georgeqhh what is your current `application.{yml/properties}` ? I would like to see your app configuration

@Georgeqhh regarding > when I access localhost:9001, after login, SavedRequestAwareAuthenticationSuccessHandler cannot get the targetUrl so that redirect to http://192.168.208.1:8762, but what I want is http://192.168.208.1:8762/main Why are you not tweaking...

Which version are you using? Latest 0.8.0 or you build the 1.0.0-SNAPSHOT?

Related issue on _Spring Jira_ https://jira.spring.io/browse/SPR-15754

@lchrennew could you be more precise because I understood that part ``` OPTION http://my.api/users/me -> HTTP 200 -> GET /users/me -> HTTP 403 or HTTP 401 ``` but not ```...

By default application is `CSRF` protected. How do you confirm that `CSRF` is not enable for you? Because last time I tried I get `CSRF` by default

@ankitwashere By default _Spring security_ will not include your `CSRF` token on client side, you must include it or use `CookieCsrfTokenRepository` as described in doc https://docs.spring.io/spring-security/site/docs/current/reference/html/csrf.html#csrf-include-csrf-token

@igorhara Thank you for reporting. I'm not totally sure to understand completely your needs. So I have some questions: Are you aware that you're able to customize and add/configure your...