spring-boot, spring-security-oauth2, spring-boot-actuator

AuditEvent AUTHORIZATION_SUCCESS not fired in OAuth2 Resource Server


According to this article, and many others on the web, Spring Boot Actuator provides out-of-the-box support for security auditing, by using the Actuator endpoint /auditevents and by listening to the AuditApplicationEvents.

I'm testing Spring Boot v2.1.0.RC1 with Spring Security v5.1.1 and the OAuth2 Resource Server for validation of JWT and user authentication; see the code on GitHub at ismarslomic/spring-security-resourceserver-example.

The authentication/authorization part works as expected, with Google as the IDP. However, the AUTHORIZATION_SUCCESS event is never fired from Spring Boot Actuator. The only event fired and caught by LoginAttemptsLogger is AUTHORIZATION_FAILURE, when I leave the JWT out of the Authorization header.

Anything I'm missing?


Solution

  • This turned out to be a bug in Spring Security, which has been resolved in versions 5.1.2 and 5.0.10. See more info at https://github.com/spring-projects/spring-boot/issues/14921