Spring Boot与Spring Security整合后post数据不了，403拒绝访问

<head>
<title>添加用户</title>
<meta charset="utf-8" />
<meta name="_csrf" th:content="${_csrf.token}"/>
<meta name="_csrf_header" th:content="${_csrf.headerName}"/>
<link rel="stylesheet" href="/css/main.css" th:href="@{/css/main.css}" />
<script src="/js/ztree/jquery-1.4.4.min.js"
th:src="@{/js/ztree/jquery-1.4.4.min.js}"></script>

</head>

 

<body>
<div class="form-bottom">
<form role="form" method="post" class="login-form">
<div class="form-group">
<label class="sr-only" for="form-username">Username</label>
<input type="text" id="username" name="username" placeholder="Username..." class="form-username form-control" />
</div>
<div class="form-group">
<label class="sr-only" for="form-password">Password</label>
<input type="password" id="password" name="password" placeholder="Password..." class="form-password form-control" />
</div>
<button type="button" onclick="toAdd();" class="btn">Sign in!</button>
</form>
</div>
</body>
<script type="text/javascript">
var token = $("meta[name='_csrf']").attr("content");
var header = $("meta[name='_csrf_header']").attr("content");
$(document).ajaxSend(function(e, xhr, options) {
xhr.setRequestHeader(header, token);
});
function toAdd(){
var name=$("#username").val();
var password=$("#password").val();
$.ajax({
"url" : '/user/registerUser',
"type" : 'POST',
"dataType" : 'json',
"timeout" : 20000,
data : {username : name,password:password},
success: function(data){
alert(11);
}
})
}
</script>
</html>

 

参考：http://blog.csdn.net/sinat_28454173/article/details/52251004

http://stackoverflow.com/questions/23477344/put-csrf-into-headers-in-spring-4-0-3-spring-security-3-2-3-thymeleaf-2-1-2