Merge branch '5.8.x' into 6.1.x

Closes gh-14921

web/src/main/java/org/springframework/security/web/access/intercept/RequestMatcherDelegatingAuthorizationManager.java

@@ -68,7 +68,7 @@ public final class RequestMatcherDelegatingAuthorizationManager implements Autho
 	@Override
 	public AuthorizationDecision check(Supplier<Authentication> authentication, HttpServletRequest request) {
 		if (this.logger.isTraceEnabled()) {
-			this.logger.trace(LogMessage.format("Authorizing %s", request));
+			this.logger.trace(LogMessage.format("Authorizing %s", requestLine(request)));
 		}
 		for (RequestMatcherEntry<AuthorizationManager<RequestAuthorizationContext>> mapping : this.mappings) {
 
@@ -77,7 +77,7 @@ public final class RequestMatcherDelegatingAuthorizationManager implements Autho
 			if (matchResult.isMatch()) {
 				AuthorizationManager<RequestAuthorizationContext> manager = mapping.getEntry();
 				if (this.logger.isTraceEnabled()) {
-					this.logger.trace(LogMessage.format("Checking authorization on %s using %s", request, manager));
+					this.logger.trace(LogMessage.format("Checking authorization on %s using %s", requestLine(request), manager));
 				}
 				return manager.check(authentication,
 						new RequestAuthorizationContext(request, matchResult.getVariables()));
@@ -89,6 +89,10 @@ public final class RequestMatcherDelegatingAuthorizationManager implements Autho
 		return DENY;
 	}
 
+	private static String requestLine(HttpServletRequest request) {
+		return request.getMethod() + " " + UrlUtils.buildRequestUrl(request);
+	}
+
 	/**
 	 * Creates a builder for {@link RequestMatcherDelegatingAuthorizationManager}.
 	 * @return the new {@link Builder} instance