Index: lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/SessionMaintainController.java
===================================================================
diff -u -rc1cd3b5d3bc88f16ad489fbc19c7d21f5b748305 -r12b36e96a4ccc6494fe3297f845cb9124d01a4aa
--- lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/SessionMaintainController.java	(.../SessionMaintainController.java)	(revision c1cd3b5d3bc88f16ad489fbc19c7d21f5b748305)
+++ lams_admin/src/java/org/lamsfoundation/lams/admin/web/controller/SessionMaintainController.java	(.../SessionMaintainController.java)	(revision 12b36e96a4ccc6494fe3297f845cb9124d01a4aa)
@@ -43,12 +43,12 @@
 	return "sessionmaintain";
     }
 
-    @RequestMapping(path = "/delete")
+    @RequestMapping(path = "/delete", method = RequestMethod.POST)
     public String delete(HttpServletRequest request) {
 	String login = request.getParameter("login");
 	if (StringUtils.isNotBlank(login)) {
 	    SessionManager.removeSessionByLogin(login, true);
 	}
 	return list(request);
     }
-}
\ No newline at end of file
+}
Index: lams_admin/web/sessionmaintain.jsp
===================================================================
diff -u -r0524198761582d928377cf28d63b3de571db91b9 -r12b36e96a4ccc6494fe3297f845cb9124d01a4aa
--- lams_admin/web/sessionmaintain.jsp	(.../sessionmaintain.jsp)	(revision 0524198761582d928377cf28d63b3de571db91b9)
+++ lams_admin/web/sessionmaintain.jsp	(.../sessionmaintain.jsp)	(revision 12b36e96a4ccc6494fe3297f845cb9124d01a4aa)
@@ -29,7 +29,7 @@
 		
 		<div class="alert alert-info">${fn:length(sessions)}&nbsp;<fmt:message key="sysadmin.maintain.session.count" /></div>
 
-		<table class="table table-striped">
+		<table class="table table-striped table-hover">
 			<tr>
 				<th><fmt:message key="sysadmin.maintain.session.login" /></th>
 				<th><fmt:message key="sysadmin.maintain.session.name" /></th>
@@ -46,9 +46,7 @@
 					<c:out value="${ses.value[4]}" />
 				</td>
 				<td>
-					<a href="<lams:LAMSURL/>admin/sessionmaintain/delete.do?login=${ses.key}" class="btn btn-default">
-				<fmt:message key="sysadmin.maintain.session.delete" />
-					</a>
+					<csrf:form style="display: inline-block;" id="delete_${ses.key}" method="post" action="/lams/admin/sessionmaintain/delete.do"><input type="hidden" name="login" value="${ses.key}"/><button type="submit" class="btn btn-danger btn-xs"><i class="fa fa-trash"></i> <fmt:message key="sysadmin.maintain.session.delete" /></button></csrf:form>
 				</td>
 			</tr>
 			</c:forEach>
Index: lams_central/conf/security/Owasp.CsrfGuard.properties
===================================================================
diff -u -r2c2a416960cfa22ad1882d9ef21d3f932efc26d2 -r12b36e96a4ccc6494fe3297f845cb9124d01a4aa
--- lams_central/conf/security/Owasp.CsrfGuard.properties	(.../Owasp.CsrfGuard.properties)	(revision 2c2a416960cfa22ad1882d9ef21d3f932efc26d2)
+++ lams_central/conf/security/Owasp.CsrfGuard.properties	(.../Owasp.CsrfGuard.properties)	(revision 12b36e96a4ccc6494fe3297f845cb9124d01a4aa)
@@ -26,6 +26,7 @@
 org.owasp.csrfguard.protected.adminToolsEnable=/lams/admin/toolcontentlist/enable.do
 org.owasp.csrfguard.protected.adminThemeSave=/lams/admin/themeManagement/addOrEditTheme.do
 org.owasp.csrfguard.protected.adminThemeRemove=/lams/admin/themeManagement/removeTheme.do
+org.owasp.csrfguard.protected.adminSessionManagementDelete=/lams/admin/sessionmaintain/delete.do
 
 org.owasp.csrfguard.protected.centralSaveUserProfile=/lams/saveprofile.do
 org.owasp.csrfguard.protected.centralOutcomeSave=/lams/outcome/outcomeSave.do