I am using WildFly 8.2.0 with Picketlink 2.7
I have application deployed running fine with SAML HTTP POST Authentication. I now have a requirement to write an audit log which contains login fail, login success, logout fail, logout success information. For every record I have to identify originating address (HTTP Referer header).
I tried PicketLinkAuditProvider, it logs but does not contain all the details. Also tried the org.jboss.security.audit.providers.LogAuditProvider but it provides Source=org.wildfly.extension.undertow.security.AuditNotificationReceiver;message=UT000030
I went to see the AuditNotificationReceiver code and found that it is swallowing the information that I need.
Need help to understand if I am moving in right direction or not.
If I am in right direction, is it possible to provide custom AuditNotificationReceiver to Wildfly security subsytem.