Description
Submitting this, as I don't have the time or possibility to implement this myself.
Our log monitoring is lighting up like a Christmas tree when somebody is penetration scanning our website.
For example, failure to bind, for example, enum values should not be ERROR, but WARN logs, as they are not system-level errors, but rather a fairly normal "bad request".
The same is the case for requesting actions / content-types that are not implemented (like requesting an existing action but with only text/plain response allowed). This should be a 404 as response, and not an ERROR in the log.
Perhaps the same for IllegalArgumentException thrown from an action method: it could be considered a simple bad request, and not a system-level ERROR, although this could also be considered bad practice as validation behaviour.
Possibly there are other similar cases in the binding and action invocation implementation?