In this post I’ll examine how to implement a simple WebSocket-based notification system built on top of Spring. We’ll use the Stomp protocol over SockJS to communicate with either a JQuery-based client or an Angular application.

Spring Security offers CSRF (cross-site request forgery) protection by default for Java web applications. In this post I will examine how you can make that CSRF protection work for a web client interacting with REST-based CSRF-protected services. Both the web client’s code and the server application’s configuration will be described.