How do I enable logging for Spring Security

Question

I am setting up Spring Security to handle logging users in  I have logged in as a user  and am taken to an Access Denied error page upon successful login  I don t know what roles my user has actually been assigned  or the rule that causes access to be denied  because I can t figure out how to enable debugging for the Spring Security library   My security xml    lt  xml version  1 0  encoding  UTF-8   gt   lt beans      gt       lt  -- security -- gt        lt security debug  gt  lt  -- doesn t seem to be working -- gt        lt security http auto-config  true  gt            lt security intercept-url pattern   Admin    access  hasRole  PROGRAMMER   or hasRole  ADMIN     gt           lt security form-login login-page   Load do              default-target-url   Admin do m loadAdminMain              authentication-failure-url   Load do error true              username-parameter  j username              password-parameter  j password              login-processing-url   j spring security check   gt           lt security csrf  gt  lt  -- enable Cross Site Request Forgery protection -- gt       lt  security http gt        lt security authentication-manager gt           lt security authentication-provider gt               lt security jdbc-user-service data-source-ref  loginDataSource                  users-by-username-query  SELECT username  password  active FROM userinformation WHERE username                      authorities-by-username-query                       SELECT ui username  r rolename                      FROM role r  userrole ur  userinformation ui                      WHERE ui username                        AND ui userinformationid   ur userinformationid                      AND ur roleid   r roleid                 gt               lt security password-encoder hash  md5   gt           lt  security authentication-provider gt       lt  security authentication-manager gt   lt  beans gt    I ve also tried adding log4j logger org springframework security DEBUG to my log4j properties  How can I get debug output for Spring Security

User · Answer

Basic debugging using Spring s DebugFilter can be configured like this    EnableWebSecurity public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter         Override     public void configure WebSecurity web  throws Exception           web debug true

User · Answer

You can easily enable debugging support using an option for the  EnableWebSecurity annotation    EnableWebSecurity debug   true  public class SecurityConfiguration extends WebSecurityConfigurerAdapter

User · Answer

By default Spring Security redirects user to the URL that he originally requested   Load do in your case  after login   You can set always-use-default-target to true to disable this behavior     lt security http auto-config  true  gt        lt security intercept-url pattern   Admin    access  hasRole  PROGRAMMER   or hasRole  ADMIN     gt       lt security form-login login-page   Load do          default-target-url   Admin do m loadAdminMain          authentication-failure-url   Load do error true          always-use-default-target    true          username-parameter  j username          password-parameter  j password          login-processing-url   j spring security check   gt       lt security csrf  gt  lt  -- enable Cross Site Request Forgery protection -- gt   lt  security http gt

User · Answer

Assuming you re using Spring Boot  another option is to put the following in your application properties   logging level org springframework security DEBUG   This is the same for most other Spring modules as well   If you re not using Spring Boot  try setting the property in your logging configuration  e g  logback   Here is the application yml version as well   logging    level      org        springframework          security  DEBUG

User · Answer

You can easily enable debugging support using an option for the  EnableWebSecurity annotation    EnableWebSecurity debug   true  public class SecurityConfiguration extends WebSecurityConfigurerAdapter               If you need profile-specific control the in your application- profile  properties file   org springframework security config annotation web builders WebSecurity debugEnabled false   Get Detailed Post  http   www bytefold com enable-disable-profile-specific-spring-security-debug-flag

User · Answer

Spring security logging for webflux reactive apps is now available starting with version 5 4 0-M2  as mentionned by  bzhu in comment How do I enable logging for Spring Security   Until this gets into a GA release  here is how to get this milestone release in gradle repositories       mavenCentral       if   version endsWith  RELEASE              maven   url  quot https   repo spring io milestone quot                Force earlier milestone release to get securing logging preview    https   docs spring io spring-security site docs current reference html5  getting-gradle-boot    https   github com spring-projects spring-security pull 8504    https   github com spring-projects spring-security releases tag 5 4 0-M2 ext  spring-security version    5 4 0-M2  dependencyManagement       imports           mavenBom  quot org springframework cloud spring-cloud-dependencies   springCloudVersion  quot

[debugging] How do I enable logging for Spring Security?

Examples related to debugging

Examples related to spring-security