All: I am using CMA with Tomcat4/Apache1.3. I have a form-based login page pointed at j_security_check. When a user submits the form the username and password is shown in the statusbar of the browser. Also, there is a log entry in the Apache logs that display this same URL that with username/password information.
Is there anyway to avoid the URL being displayed, and more importantly, is there a way to not log the login request? Thanks, Vinh.