The application works fine but currently there is data getting replicated among different users.
Also what is the way to put the csrfguard.properties in my web project so that every time making jar from the csrfguard project is not required.
if the request doesn't change data, but is just used to view a page or generate a report, then it probably doesn't need CSRF Guard, right?
you don't want to use CSRF Guard on a page that you want accessed via an email link. You should be able to skip CSRF protection for these pages.