Expected Behavior
We would like to have the possibility to easily log SAML responses as with the (previous) SAMLLogger-API.
Current Behavior
We did not find a "standard" way of logging details of the SAML response.
Context
We are currently migrating from Spring Security SAML Extension to the new Spring Security Service Provider library. We have used a SAMLDefaultLogger bean to have an extensive logging of the SAML response (e.g. in the old SAMLAuthenticationProvider).
In the new library we did not find something like the old SAMLLogger-API and in the new OpenSamlAuthenticationProvider, the logger does only log pretty basic information.
Are you planning to port this feature or do you recommend overriding e.g. the AuthenticationProvider for adding more logging?
Thanks!
Comment From: jzheaux
do you recommend overriding e.g. the AuthenticationProvider for adding more logging?
Hi, @habizzle. Can you tell me more about what you are trying to do? I ask since it's not clear to me how introducing a logging component will change the log detail level.
only log pretty basic information
Should the authentication provider log more advanced information and if so, where? If you and I can come to an agreement on that, the best solution could be a PR so that everyone gets the benefit of additional detail.
Comment From: spring-projects-issues
If you would like us to look at this issue, please provide the requested information. If the information is not provided within the next 7 days this issue will be closed.
Comment From: mjanczykowski
The old library allowed to log full SAML requests and responses to server logs. It was useful for investigating issues with SAML login reported by customers (in my case we integrate with our customer's Identity Providers).
Comment From: jzheaux
Sorry for the delay, @mjanczykowski. I think adding requests and responses to trace logging sounds reasonable.