Implement meaningful logging for security / authentication
Finding out what's wrong during the authentication process can be cumbersome due to its complexity. Therefore we need some meaningful logging which helps debugging new client code (or the security framework itself) and at the same time audit the authentication mechanism of an application.
Logging should be implemented as an aspect.
Advices should only be active if this is required by current logging threshold.