Liferay CSRF protection with @ResourceMapping
I need to add CSRF token (p_auth) to my Liferay (ver.6.1.1) portal project. Liferay provides this ability out of the box with auth.token.check.enabled=true
But it does this only for requests marked with @ActionMapping annotation [source]. At that time, as I need CSRF protection for @ResourceMapping because I have a lot of ajax requests for form submitting.
Thank you for the advice.
You can find the way for implementation of protection in http://www.liferay.com/community/forums/-/message_boards/message/26782849