**Problem:** Token validation exceptions are swallowed silently, making it impossible to audit malicious token attempts or debug authentication issues. **Acceptance Criteria:** - [x] Add explicit `log.warn` for `JwtException` inside `JwtAuthFilter`. - [x] Ensure the filter chain continues securely (returning 401 via `HttpStatusEntryPoint`) without exposing stack traces to the client.
Problem: Token validation exceptions are swallowed silently, making it impossible to audit malicious token attempts or debug authentication issues.
Acceptance Criteria:
log.warnforJwtExceptioninsideJwtAuthFilter.HttpStatusEntryPoint) without exposing stack traces to the client.