We have implemented container-managed authentication in our organization. We got a security test done for our application and found that the Authorization header has been set to Basic and the username and password are Base64-encoded. It's very easy to decode the username and password, which is a security threat for the application.
Can you help with how to disable basic authorization, and what are the secure types we can use?
We can enable form-based authentication in web.xml by modifying the tag below.