Spring不响应时发送CSRF令牌

因为我向其添加了spring-security，所以我的Angular2客户端与我的Spring服务器进行通信时遇到了问题，即当我尝试将包含身份验证信息的JSON发送到服务器登录URL时，我得到403“无效的CSRF令牌”null '在请求参数'_csrf'或 Headers 'X-CSRF-TOKEN'上找到 . “

我知道我应该在我的响应的 Headers 上传递一个令牌以供客户端使用但是这个令牌没有被传递 . 我试过了this answer但令牌仍未通过 . 我也是通过邮递员发送请求，而令牌也没有到达 .

webSecurityConfig.xml ：

<http entry-point-ref="restAuthenticationEntryPoint">
      <intercept-url pattern="/api/**" access="hasRole('ROLE_USER')"/>

      <form-login
         authentication-success-handler-ref="mySuccessHandler"
         authentication-failure-handler-ref="myFailureHandler"
      />

      <logout />
   </http>

   <beans:bean id="mySuccessHandler"
      class="com.eficid.cloud.security.rest.AuthenticationSuccessHandler"/>
   <beans:bean id="myFailureHandler" class=
     "org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler"/>


      <authentication-manager>
        <authentication-provider>
          <user-service>
            <user name="temp" password="temp" authorities="ROLE_USER" />
          </user-service>
        </authentication-provider>
      </authentication-manager>

</beans:beans>

SpringSecurityConfiguration

@Configuration
@ImportResource({ "classpath:webSecurityConfig.xml" })
@ComponentScan("com.eficid.cloud.security.rest")
public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {

    public SpringSecurityConfig() {
        super();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.httpBasic().and().authorizeRequests()
                .antMatchers("/spring-security-rest/login").permitAll().anyRequest()
                .authenticated().and().csrf()
                .csrfTokenRepository(csrfTokenRepository()).and()
                .addFilterAfter(csrfHeaderFilter(), CsrfFilter.class);
    }


    private Filter csrfHeaderFilter() {
        return new OncePerRequestFilter() {
            @Override
            protected void doFilterInternal(HttpServletRequest request,
                    HttpServletResponse response, FilterChain filterChain)
                    throws ServletException, IOException {
                CsrfToken csrf = (CsrfToken) request.getAttribute(CsrfToken.class
                        .getName());
                if (csrf != null) {
                    Cookie cookie = WebUtils.getCookie(request, "XSRF-TOKEN");
                    String token = csrf.getToken();
                    if (cookie == null || token != null
                            && !token.equals(cookie.getValue())) {
                        cookie = new Cookie("XSRF-TOKEN", token);
                        cookie.setPath("/");
                        response.addCookie(cookie);
                    }
                }
                filterChain.doFilter(request, response);
            }
        };
    }

    private CsrfTokenRepository csrfTokenRepository() {
        HttpSessionCsrfTokenRepository repository = new HttpSessionCsrfTokenRepository();
        repository.setHeaderName("X-XSRF-TOKEN");
        return repository;
    }

}