I made a login system using ajax. However I found out that the json/post message goes to the back end when people submit their username and passworod is exposed/unecrypted when analyzed via Network Console (the stuff that tells you how many POST/GET requests you made)
So I realized that we need some kind of encryption, or security measures for this.
I am using bare tomcat/jsp/serlvet. Should I learn to use Spring or what are the list of things I need to do to secure this particular ajax communication.
I know I need SSL. But how do we ensure the ajax communication(POST) is secure in this case.