You can enable two types of logs:
1 - at programming time setting @EnableWebSecurity(debug = true) in the SecurityConfiguration.java (mainly about request data)
2 - at configuration time using the org.springframework.security logger. You can do it using all the means provided by spring boot, so for example adding the following bold lines into application-dev.yml
logging:
level:
ROOT: DEBUG
io.github.jhipster: DEBUG
com.mycompany.myapp: DEBUG
**org:
springframework:
security: debug**