Spring Security SEC-2872: CsrfAuthenticationStrategy Should Delay Saving CsrfToken

Migrated from SEC-2872

Comment From: spring-projects-issues

This issue relates to #2624

Comment From: elhussein

@rwinch Can you elaborate more why this behavior has been removed? As we have a case that we need the token to be created on login success, but found that you removed the token generation immediately, and made it delayed to next request.