Improve logging for Global Authentication

[Kehrlann]

Closes gh-14663

See the issue for use-case matrix.

Open questions

I'd like to draw your attention to the following:

• Review log messages, are they appropriate?
• Review log levels, are they appropriate?
• The class names are too long and are truncated in the log lines. Is there something I should do?

Example log lines:

1 UserDetailsService ; INFO level:

2024-03-08T14:23:23.058+01:00  INFO 49038 --- [           main] r$InitializeUserDetailsManagerConfigurer : Global AuthenticationManager configured with UserDetailsService bean with name myUserDetailsService

2 UserDetailsService ; WARN level:

2024-03-08T14:25:11.644+01:00  WARN 49146 --- [           main] r$InitializeUserDetailsManagerConfigurer : Found 2 UserDetailsService beans, with names [myUserDetailsService, secondUserDetailsService]. Global Authentication Manager will not use a UserDetailsService for username/password login.

1 AuthenticationProvider and at least 1 UserDetailsService bean, WARN level:

2024-03-08T14:22:27.832+01:00  WARN 48979 --- [           main] r$InitializeUserDetailsManagerConfigurer : Global AuthenticationManager configured with an AuthenticationProvider bean. UserDetailsService beans will not be used for username/password login.

1 AuthenticationProvider, INFO level:

2024-03-08T14:22:27.831+01:00  INFO 48979 --- [           main] eAuthenticationProviderManagerConfigurer : Global AuthenticationManager configured with AuthenticationProvider bean with name myAuthProvider

2 AuthenticationProviders, WARN level:

2024-03-08T14:23:23.048+01:00  WARN 49038 --- [           main] eAuthenticationProviderManagerConfigurer : Found 2 AuthenticationProvider beans, with names [myAuthProvider, secondAuthProvider]. Global Authentication Manager will not be configured with AuthenticationProviders.

Interaction between the configurers

When the two configurers produce log lines, here are a few examples:

2 AuthenticationProvider, 1 UserDetailsService:

2024-03-08T14:22:27.831+01:00  INFO 48979 --- [           main] eAuthenticationProviderManagerConfigurer : Global AuthenticationManager configured with AuthenticationProvider bean with name myAuthProvider
2024-03-08T14:22:27.832+01:00  WARN 48979 --- [           main] r$InitializeUserDetailsManagerConfigurer : Global AuthenticationManager configured with an AuthenticationProvider bean. UserDetailsService beans will not be used for username/password login.

2 AuthenticationProviders, 1 UserDetailsService:

2024-03-08T14:23:23.048+01:00  WARN 49038 --- [           main] eAuthenticationProviderManagerConfigurer : Found 2 AuthenticationProvider beans, with names [myAuthProvider, secondAuthProvider]. Global Authentication Manager will not be configured with AuthenticationProviders.
2024-03-08T14:23:23.058+01:00  INFO 49038 --- [           main] r$InitializeUserDetailsManagerConfigurer : Global AuthenticationManager configured with UserDetailsService bean with name myUserDetailsService

[jzheaux]

@Kehrlann, thank you! Aside from my inline comments, I think regarding logging levels we should consider whether it is ever correct to arrange a Spring application with two AuthenticationProvider beans. If it is, then I think DEBUG is a better level so that folks who intentionally have two don't get bugged for eternity by a needless message.

I lean towards DEBUG, but I'm open to your reflection as well.

[Kehrlann]

@jzheaux thank you for the review, addressed the comments.

Thinking about it, I agree that two AuthenticationProvider beans is a valid Spring configuration and should probably not trigger a WARN log.

If a single AuthenticationProvider bean produces an INFO log, then having two beans should also produce an INFO log as well.
I'm tempted to keep it at the INFO level, as global authentication is not trivial to understand. Having a bit more logs will help users understand that this feature even exists.

[jzheaux]

Thanks, @Kehrlann! This is now merged into main.