The application logs all requested URLs. This means that it's critical not to authenticate using URL parameters, because it would cause the situation in which
To the best of my knowledge and intuition, like jhan had mentioned, the appropriate solution would be to use the annotation @RequestMapping(value="/login", method=RequestMethod.POST). Then, no matter what parameters the user may pass with the URL, both the URL and URI will always default to /login. And that is what the logger will document. Not the username and password pairs, but "http://localhost:8080/login", or whatever your port is.
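A POST-only login handler along the lines discussed above, as an added example that is not part of the original posts. It assumes Spring Web with the jakarta.servlet namespace (use javax.servlet on older versions); LoginController and CredentialVerifier are hypothetical names introduced for illustration.

```java
import jakarta.servlet.http.HttpServletRequest;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class LoginController {

    // Hypothetical collaborator standing in for the application's real credential check.
    public interface CredentialVerifier {
        boolean verify(String username, String password);
    }

    private final CredentialVerifier verifier;

    public LoginController(CredentialVerifier verifier) {
        this.verifier = verifier;
    }

    // @PostMapping is shorthand for @RequestMapping(method = RequestMethod.POST).
    // Only form-encoded POST bodies are accepted; other methods on /login are not mapped.
    @PostMapping(path = "/login", consumes = MediaType.APPLICATION_FORM_URLENCODED_VALUE)
    public ResponseEntity<String> login(HttpServletRequest request,
                                        @RequestParam("username") String username,
                                        @RequestParam("password") String password) {
        // @RequestParam binds query-string values as well as form fields, and the
        // query string is part of the URL a request logger can record. Refusing any
        // request that carries one makes a client that puts credentials in the URL
        // fail immediately instead of silently working.
        if (request.getQueryString() != null) {
            return ResponseEntity.badRequest()
                    .body("Send credentials in the request body only");
        }

        boolean authenticated = verifier.verify(username, password);
        return authenticated
                ? ResponseEntity.ok("authenticated")
                : ResponseEntity.status(401).body("invalid credentials");
    }
}
```

The rejected request itself may already have been written to the log, so the URL logger should record request.getRequestURI() rather than the full URL with its query string.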