Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Resource Server Servlet Logging #9000

Closed
jzheaux opened this issue Sep 8, 2020 · 0 comments
Closed

Add Resource Server Servlet Logging #9000

jzheaux opened this issue Sep 8, 2020 · 0 comments
Assignees
@jzheaux
Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
Milestone
5.4.0

Comments

@jzheaux
Copy link
Contributor

jzheaux commented Sep 8, 2020

In line with the changes made to Form Login and HTTP Basic logs, let's add logs to Resource Server.

In addition to considering the model that Spring Framework follows, Resource Server should:

  • Log any security outcomes at least at the DEBUG level, with reasons for doing so at the TRACE level
  • State what the code did or what it is about to do, for example, "Authenticated token" instead of "Successful token authentication"
  • Favor TRACE for stack traces
@jzheaux jzheaux added type: enhancement A general enhancement in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) labels Sep 8, 2020
@jzheaux jzheaux added this to the 5.4.0 milestone Sep 8, 2020
@jzheaux jzheaux self-assigned this Sep 8, 2020
@jgrandja jgrandja mentioned this issue Sep 8, 2020
Open
2 tasks
@jzheaux jzheaux closed this as completed in bf067d6 Sep 8, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jzheaux jzheaux

Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
Projects
None yet
Milestone
5.4.0
Development

No branches or pull requests
1 participant
@jzheaux