MSAL for Java 中的日志记录Logging in MSAL for Java

Microsoft 身份验证库 (MSAL) 应用生成日志消息,这些消息可以用来诊断问题。The Microsoft Authentication Library (MSAL) apps generate log messages that can help diagnose issues. 应用可以通过数行代码配置日志记录,并可对详细程度以及是否记录个人和组织数据进行自定义控制。An app can configure logging with a few lines of code, and have custom control over the level of detail and whether or not personal and organizational data is logged. 建议创建 MSAL 日志记录回调,并提供一种方式来让用户在遇到身份验证问题时提交日志。We recommend you create an MSAL logging callback and provide a way for users to submit logs when they have authentication issues.

日志记录级别Logging levels

MSAL 提供多个日志记录详细级别:MSAL provides several levels of logging detail:

  • 错误:指示出现问题并已生成错误。Error: Indicates something has gone wrong and an error was generated. 用于调试并确定问题。Used for debugging and identifying problems.
  • 警告:不一定会出现错误或故障,只是为了诊断和指出问题。Warning: There hasn't necessarily been an error or failure, but are intended for diagnostics and pinpointing problems.
  • 信息:MSAL 将要记录的事件可为用户提供信息,不一定用于调试。Info: MSAL will log events intended for informational purposes not necessarily intended for debugging.
  • 详细:默认。Verbose: Default. MSAL 将记录库行为的完整详细信息。MSAL logs the full details of library behavior.

个人和组织数据Personal and organizational data

默认情况下,MSAL 记录器不捕获任何高度敏感的个人或组织数据。By default, the MSAL logger doesn't capture any highly sensitive personal or organizational data. 该库提供相关选项,允许你自行决定是否记录个人和组织数据。The library provides the option to enable logging personal and organizational data if you decide to do so.

以下各节将详细介绍应用程序的 MSAL 错误日志记录。The following sections provide more details about MSAL error logging for your application.

适用于 Java 的 MSAL 日志记录MSAL for Java logging

适用于 Java 的 MSAL 允许使用已在应用中使用的日志记录库,只要该库与 SLF4J 兼容即可。MSAL for Java allows you to use the logging library that you are already using with your app, as long as it is compatible with SLF4J. 适用于 Java 的 MSAL 使用适用于 Java 的简单日志记录结构 (SLF4J) 作为各种日志记录框架(例如 java.util.loggingLogbackLog4j)的简单结构或抽象层。MSAL for Java uses the Simple Logging Facade for Java (SLF4J) as a simple facade or abstraction for various logging frameworks, such as java.util.logging, Logback and Log4j. SLF4J 允许用户在部署时插入所需的日志记录框架。SLF4J allows the user to plug in the desired logging framework at deployment time.

例如,若要使用 Logback 作为应用程序中的日志记录框架,请将 Logback 依赖项添加到应用程序的 Maven pom 文件中:For example, to use Logback as the logging framework in your application, add the Logback dependency to the Maven pom file for your application:


然后添加 Logback 配置文件:Then add the Logback configuration file:

<?xml version="1.0" encoding="UTF-8"?>
<configuration debug="true">


在部署时,SLF4J 会自动绑定到 Logback。SLF4J automatically binds to Logback at deployment time. MSAL 日志将写入控制台。MSAL logs will be written to the console.

有关如何绑定到其他日志记录框架的说明,请参阅 SLF4J 手册For instructions on how to bind to other logging frameworks, see the SLF4J manual.

个人和组织信息Personal and organization information

默认情况下,MSAL 日志记录不会捕获或者记录任何个人或组织数据。By default, MSAL logging does not capture or log any personal or organizational data. 在以下示例中,默认已禁用个人或组织数据的日志记录:In the following example, logging personal or organizational data is off by default:

    PublicClientApplication app2 = PublicClientApplication.builder(PUBLIC_CLIENT_ID)

可以通过在客户端应用程序生成器中设置 logPii() 来启用个人和组织数据的日志记录。Turn on personal and organizational data logging by setting logPii() on the client application builder. 如果启用个人或组织数据的日志记录,则应用必须负责安全处理高度敏感的数据,并遵守任何法规要求。If you turn on personal or organizational data logging, your app must take responsibility for safely handling highly-sensitive data and complying with any regulatory requirements.

在以下示例中,默认已启用个人或组织数据的日志记录:In the following example, logging personal or organizational data is enabled:

PublicClientApplication app2 = PublicClientApplication.builder(PUBLIC_CLIENT_ID)

后续步骤Next steps

有关更多代码示例,请参阅 Microsoft 标识平台代码示例For more code samples, refer to Microsoft identity platform code samples.