Merge pull request #3335 from stianst/KEYCLOAK-3635

KEYCLOAK-3635 Not possible to filter debug/trace logging
2016-10-17 18:50:10 +02:00 · 2016-10-17 18:50:10 +02:00 · d22f45f0d2
commit d22f45f0d2
parent cefb1742a1 b320eb8fc7
94 changed files with 270 additions and 280 deletions
--- a/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java
+++ b/services/src/main/java/org/keycloak/authentication/AuthenticationProcessor.java
@ -17,6 +17,7 @@
 package org.keycloak.authentication;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.spi.HttpRequest;
 import org.keycloak.OAuth2Constants;
 import org.keycloak.authentication.authenticators.browser.AbstractUsernameFormAuthenticator;
@ -63,7 +64,7 @@ import java.util.Map;
 */
 public class AuthenticationProcessor {
    public static final String CURRENT_AUTHENTICATION_EXECUTION = "current.authentication.execution";
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    protected static final Logger logger = Logger.getLogger(AuthenticationProcessor.class);
    protected RealmModel realm;
    protected UserSessionModel userSession;
    protected ClientSessionModel clientSession;
@ -561,25 +562,25 @@ public class AuthenticationProcessor {
        if (failure instanceof AuthenticationFlowException) {
            AuthenticationFlowException e = (AuthenticationFlowException) failure;
            if (e.getError() == AuthenticationFlowError.INVALID_USER) {
-                logger.failedAuthentication(e);
+                ServicesLogger.LOGGER.failedAuthentication(e);
                event.error(Errors.USER_NOT_FOUND);
                return ErrorPage.error(session, Messages.INVALID_USER);
            } else if (e.getError() == AuthenticationFlowError.USER_DISABLED) {
-                logger.failedAuthentication(e);
+                ServicesLogger.LOGGER.failedAuthentication(e);
                event.error(Errors.USER_DISABLED);
                return ErrorPage.error(session, Messages.ACCOUNT_DISABLED);
            } else if (e.getError() == AuthenticationFlowError.USER_TEMPORARILY_DISABLED) {
-                logger.failedAuthentication(e);
+                ServicesLogger.LOGGER.failedAuthentication(e);
                event.error(Errors.USER_TEMPORARILY_DISABLED);
                return ErrorPage.error(session, Messages.INVALID_USER);
            } else if (e.getError() == AuthenticationFlowError.INVALID_CLIENT_SESSION) {
-                logger.failedAuthentication(e);
+                ServicesLogger.LOGGER.failedAuthentication(e);
                event.error(Errors.INVALID_CODE);
                return ErrorPage.error(session, Messages.INVALID_CODE);
            } else if (e.getError() == AuthenticationFlowError.EXPIRED_CODE) {
-                logger.failedAuthentication(e);
+                ServicesLogger.LOGGER.failedAuthentication(e);
                event.error(Errors.EXPIRED_CODE);
                return ErrorPage.error(session, Messages.EXPIRED_CODE);
@ -604,13 +605,13 @@ public class AuthenticationProcessor {
                return processor.authenticate();
            } else {
-                logger.failedAuthentication(e);
+                ServicesLogger.LOGGER.failedAuthentication(e);
                event.error(Errors.INVALID_USER_CREDENTIALS);
                return ErrorPage.error(session, Messages.INVALID_USER);
            }
        } else {
-            logger.failedAuthentication(failure);
+            ServicesLogger.LOGGER.failedAuthentication(failure);
            event.error(Errors.INVALID_USER_CREDENTIALS);
            return ErrorPage.error(session, Messages.UNEXPECTED_ERROR_HANDLING_REQUEST);
        }
@ -620,7 +621,7 @@ public class AuthenticationProcessor {
    public Response handleClientAuthException(Exception failure) {
        if (failure instanceof AuthenticationFlowException) {
            AuthenticationFlowException e = (AuthenticationFlowException) failure;
-            logger.failedClientAuthentication(e);
+            ServicesLogger.LOGGER.failedClientAuthentication(e);
            if (e.getError() == AuthenticationFlowError.CLIENT_NOT_FOUND) {
                event.error(Errors.CLIENT_NOT_FOUND);
                return ClientAuthUtil.errorResponse(Response.Status.BAD_REQUEST.getStatusCode(), "invalid_client", "Could not find client");
@ -635,7 +636,7 @@ public class AuthenticationProcessor {
                return ClientAuthUtil.errorResponse(Response.Status.BAD_REQUEST.getStatusCode(), "unauthorized_client", e.getError().toString() + ": " + e.getMessage());
            }
        } else {
-            logger.errorAuthenticatingClient(failure);
+            ServicesLogger.LOGGER.errorAuthenticatingClient(failure);
            event.error(Errors.INVALID_CLIENT_CREDENTIALS);
            return ClientAuthUtil.errorResponse(Response.Status.BAD_REQUEST.getStatusCode(), "unauthorized_client", "Unexpected error when authenticating client: " + failure.getMessage());
        }
--- a/services/src/main/java/org/keycloak/authentication/ClientAuthenticationFlow.java
+++ b/services/src/main/java/org/keycloak/authentication/ClientAuthenticationFlow.java
@ -17,6 +17,7 @@
 package org.keycloak.authentication;
 import org.jboss.logging.Logger;
 import org.keycloak.events.Details;
 import org.keycloak.events.Errors;
 import org.keycloak.models.AuthenticationExecutionModel;
@ -35,7 +36,7 @@ import java.util.List;
 */
 public class ClientAuthenticationFlow implements AuthenticationFlow {
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(ClientAuthenticationFlow.class);
    Response alternativeChallenge = null;
    AuthenticationProcessor processor;
@ -73,7 +74,7 @@ public class ClientAuthenticationFlow implements AuthenticationFlow {
                // Fallback to secret just in case (for backwards compatibility)
                if (expectedClientAuthType == null) {
                    expectedClientAuthType = KeycloakModelUtils.getDefaultClientAuthenticatorType();
-                    logger.authMethodFallback(client.getClientId(), expectedClientAuthType);
+                    ServicesLogger.LOGGER.authMethodFallback(client.getClientId(), expectedClientAuthType);
                }
                // Check if client authentication matches
@ -154,7 +155,7 @@ public class ClientAuthenticationFlow implements AuthenticationFlow {
        } else if (status == FlowStatus.FAILURE_CHALLENGE) {
            return sendChallenge(result, execution);
        } else {
-            logger.unknownResultStatus();
+            ServicesLogger.LOGGER.unknownResultStatus();
            throw new AuthenticationFlowException(AuthenticationFlowError.INTERNAL_ERROR);
        }
    }
--- a/services/src/main/java/org/keycloak/authentication/DefaultAuthenticationFlow.java
+++ b/services/src/main/java/org/keycloak/authentication/DefaultAuthenticationFlow.java
@ -17,6 +17,7 @@
 package org.keycloak.authentication;
 import org.jboss.logging.Logger;
 import org.keycloak.models.AuthenticationExecutionModel;
 import org.keycloak.models.AuthenticationFlowModel;
 import org.keycloak.models.ClientSessionModel;
@ -32,7 +33,7 @@ import java.util.List;
 * @version $Revision: 1 $
 */
 public class DefaultAuthenticationFlow implements AuthenticationFlow {
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(DefaultAuthenticationFlow.class);
    Response alternativeChallenge = null;
    AuthenticationExecutionModel challengedAlternativeExecution = null;
    boolean alternativeSuccessful = false;
@ -247,7 +248,7 @@ public class DefaultAuthenticationFlow implements AuthenticationFlow {
                return processor.authenticate();
            default:
                logger.debugv("authenticator INTERNAL_ERROR: {0}", execution.getAuthenticator());
-                logger.unknownResultStatus();
+                ServicesLogger.LOGGER.unknownResultStatus();
                throw new AuthenticationFlowException(AuthenticationFlowError.INTERNAL_ERROR);
        }
    }
--- a/services/src/main/java/org/keycloak/authentication/authenticators/broker/IdpConfirmLinkAuthenticator.java
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/broker/IdpConfirmLinkAuthenticator.java
@ -39,15 +39,13 @@ import javax.ws.rs.core.Response;
 */
 public class IdpConfirmLinkAuthenticator extends AbstractIdpAuthenticator {
    protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
    @Override
    protected void authenticateImpl(AuthenticationFlowContext context, SerializedBrokeredIdentityContext serializedCtx, BrokeredIdentityContext brokerContext) {
        ClientSessionModel clientSession = context.getClientSession();
        String existingUserInfo = clientSession.getNote(EXISTING_USER_INFO);
        if (existingUserInfo == null) {
-            logger.noDuplicationDetected();
+            ServicesLogger.LOGGER.noDuplicationDetected();
            context.attempted();
            return;
        }
--- a/services/src/main/java/org/keycloak/authentication/authenticators/broker/IdpCreateUserIfUniqueAuthenticator.java
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/broker/IdpCreateUserIfUniqueAuthenticator.java
@ -17,6 +17,7 @@
 package org.keycloak.authentication.authenticators.broker;
 import org.jboss.logging.Logger;
 import org.keycloak.authentication.AuthenticationFlowContext;
 import org.keycloak.authentication.authenticators.broker.util.ExistingUserInfo;
 import org.keycloak.authentication.authenticators.broker.util.SerializedBrokeredIdentityContext;
@ -39,7 +40,7 @@ import java.util.Map;
 */
 public class IdpCreateUserIfUniqueAuthenticator extends AbstractIdpAuthenticator {
-    protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static Logger logger = Logger.getLogger(IdpCreateUserIfUniqueAuthenticator.class);
    @Override
@ -59,7 +60,7 @@ public class IdpCreateUserIfUniqueAuthenticator extends AbstractIdpAuthenticator
        String username = getUsername(context, serializedCtx, brokerContext);
        if (username == null) {
-            logger.resetFlow(realm.isRegistrationEmailAsUsername() ? "Email" : "Username");
+            ServicesLogger.LOGGER.resetFlow(realm.isRegistrationEmailAsUsername() ? "Email" : "Username");
            context.getClientSession().setNote(ENFORCE_UPDATE_PROFILE, "true");
            context.resetFlow();
            return;
--- a/services/src/main/java/org/keycloak/authentication/authenticators/broker/IdpEmailVerificationAuthenticator.java
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/broker/IdpEmailVerificationAuthenticator.java
@ -17,6 +17,7 @@
 package org.keycloak.authentication.authenticators.broker;
 import org.jboss.logging.Logger;
 import org.keycloak.authentication.AuthenticationFlowContext;
 import org.keycloak.authentication.AuthenticationFlowError;
 import org.keycloak.authentication.authenticators.broker.util.SerializedBrokeredIdentityContext;
@ -48,7 +49,7 @@ import java.util.concurrent.TimeUnit;
 */
 public class IdpEmailVerificationAuthenticator extends AbstractIdpAuthenticator {
-    protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static Logger logger = Logger.getLogger(IdpEmailVerificationAuthenticator.class);
    @Override
    protected void authenticateImpl(AuthenticationFlowContext context, SerializedBrokeredIdentityContext serializedCtx, BrokeredIdentityContext brokerContext) {
@ -57,7 +58,7 @@ public class IdpEmailVerificationAuthenticator extends AbstractIdpAuthenticator
        ClientSessionModel clientSession = context.getClientSession();
        if (realm.getSmtpConfig().size() == 0) {
-            logger.smtpNotConfigured();
+            ServicesLogger.LOGGER.smtpNotConfigured();
            context.attempted();
            return;
        }
@ -94,7 +95,7 @@ public class IdpEmailVerificationAuthenticator extends AbstractIdpAuthenticator
        } catch (EmailException e) {
            event.error(Errors.EMAIL_SEND_FAILED);
-            logger.confirmBrokerEmailFailed(e);
+            ServicesLogger.LOGGER.confirmBrokerEmailFailed(e);
            Response challenge = context.form()
                    .setError(Messages.EMAIL_SENT_ERROR)
                    .createErrorPage();
@ -137,7 +138,7 @@ public class IdpEmailVerificationAuthenticator extends AbstractIdpAuthenticator
                context.setUser(existingUser);
                context.success();
            } else {
-                logger.keyParamDoesNotMatch();
+                ServicesLogger.LOGGER.keyParamDoesNotMatch();
                Response challengeResponse = context.form()
                        .setError(Messages.INVALID_ACCESS_CODE)
                        .createErrorPage();
--- a/services/src/main/java/org/keycloak/authentication/authenticators/broker/IdpReviewProfileAuthenticator.java
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/broker/IdpReviewProfileAuthenticator.java
@ -17,6 +17,7 @@
 package org.keycloak.authentication.authenticators.broker;
 import org.jboss.logging.Logger;
 import org.keycloak.authentication.AuthenticationFlowContext;
 import org.keycloak.authentication.authenticators.broker.util.SerializedBrokeredIdentityContext;
 import org.keycloak.broker.provider.BrokeredIdentityContext;
@ -45,7 +46,7 @@ import java.util.List;
 */
 public class IdpReviewProfileAuthenticator extends AbstractIdpAuthenticator {
-    protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(IdpReviewProfileAuthenticator.class);
    @Override
    public boolean requiresUser() {
--- a/services/src/main/java/org/keycloak/authentication/authenticators/browser/AbstractUsernameFormAuthenticator.java
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/browser/AbstractUsernameFormAuthenticator.java
@ -17,6 +17,7 @@
 package org.keycloak.authentication.authenticators.browser;
 import org.jboss.logging.Logger;
 import org.keycloak.authentication.AbstractFormAuthenticator;
 import org.keycloak.authentication.AuthenticationFlowContext;
 import org.keycloak.authentication.AuthenticationFlowError;
@ -43,7 +44,7 @@ import java.util.List;
 */
 public abstract class AbstractUsernameFormAuthenticator extends AbstractFormAuthenticator {
-    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(AbstractUsernameFormAuthenticator.class);
    public static final String REGISTRATION_FORM_ACTION = "registration_form";
    public static final String ATTEMPTED_USERNAME = "ATTEMPTED_USERNAME";
@ -131,7 +132,7 @@ public abstract class AbstractUsernameFormAuthenticator extends AbstractFormAuth
        try {
            user = KeycloakModelUtils.findUserByNameOrEmail(context.getSession(), context.getRealm(), username);
        } catch (ModelDuplicateException mde) {
-            logger.modelDuplicateException(mde);
+            ServicesLogger.LOGGER.modelDuplicateException(mde);
            // Could happen during federation import
            if (mde.getDuplicateFieldName() != null && mde.getDuplicateFieldName().equals(UserModel.EMAIL)) {
--- a/services/src/main/java/org/keycloak/authentication/authenticators/browser/SpnegoAuthenticator.java
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/browser/SpnegoAuthenticator.java
@ -17,6 +17,7 @@
 package org.keycloak.authentication.authenticators.browser;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.spi.HttpRequest;
 import org.keycloak.authentication.AuthenticationFlowContext;
 import org.keycloak.authentication.AuthenticationFlowError;
@ -44,7 +45,7 @@ import java.util.Map;
 */
 public class SpnegoAuthenticator extends AbstractUsernameFormAuthenticator implements Authenticator{
    public static final String KERBEROS_DISABLED = "kerberos_disabled";
-    protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(SpnegoAuthenticator.class);
    @Override
    public boolean requiresUser() {
--- a/services/src/main/java/org/keycloak/authentication/authenticators/browser/UsernamePasswordForm.java
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/browser/UsernamePasswordForm.java
@ -37,7 +37,7 @@ import javax.ws.rs.core.Response;
 * @version $Revision: 1 $
 */
 public class UsernamePasswordForm extends AbstractUsernameFormAuthenticator implements Authenticator {
-    protected static ServicesLogger log = ServicesLogger.ROOT_LOGGER;
+    protected static ServicesLogger log = ServicesLogger.LOGGER;
    @Override
    public void action(AuthenticationFlowContext context) {
--- a/services/src/main/java/org/keycloak/authentication/authenticators/client/ClientIdAndSecretAuthenticator.java
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/client/ClientIdAndSecretAuthenticator.java
@ -25,7 +25,6 @@ import org.keycloak.models.ClientModel;
 import org.keycloak.protocol.oidc.OIDCLoginProtocol;
 import org.keycloak.provider.ProviderConfigProperty;
 import org.keycloak.representations.idm.CredentialRepresentation;
 import org.keycloak.services.ServicesLogger;
 import org.keycloak.util.BasicAuthHelper;
 import javax.ws.rs.core.HttpHeaders;
@ -49,8 +48,6 @@ import java.util.Set;
 */
 public class ClientIdAndSecretAuthenticator extends AbstractClientAuthenticator {
    protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
    public static final String PROVIDER_ID = "client-secret";
    public static final AuthenticationExecutionModel.Requirement[] REQUIREMENT_CHOICES = {
--- a/services/src/main/java/org/keycloak/authentication/authenticators/client/JWTClientAuthenticator.java
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/client/JWTClientAuthenticator.java
@ -59,8 +59,6 @@ import org.keycloak.services.Urls;
 */
 public class JWTClientAuthenticator extends AbstractClientAuthenticator {
    protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
    public static final String PROVIDER_ID = "client-jwt";
    public static final String ATTR_PREFIX = "jwt.credential";
    public static final String CERTIFICATE_ATTR = "jwt.credential.certificate";
@ -156,7 +154,7 @@ public class JWTClientAuthenticator extends AbstractClientAuthenticator {
            context.success();
        } catch (Exception e) {
-            logger.errorValidatingAssertion(e);
+            ServicesLogger.LOGGER.errorValidatingAssertion(e);
            Response challengeResponse = ClientAuthUtil.errorResponse(Response.Status.BAD_REQUEST.getStatusCode(), "unauthorized_client", "Client authentication with signed JWT failed: " + e.getMessage());
            context.failure(AuthenticationFlowError.INVALID_CLIENT_CREDENTIALS, challengeResponse);
        }
--- a/services/src/main/java/org/keycloak/authentication/authenticators/directgrant/ValidateUsername.java
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/directgrant/ValidateUsername.java
@ -43,7 +43,6 @@ import java.util.List;
 */
 public class ValidateUsername extends AbstractDirectGrantAuthenticator {
    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
    public static final String PROVIDER_ID = "direct-grant-validate-username";
    @Override
@ -63,7 +62,7 @@ public class ValidateUsername extends AbstractDirectGrantAuthenticator {
        try {
            user = KeycloakModelUtils.findUserByNameOrEmail(context.getSession(), context.getRealm(), username);
        } catch (ModelDuplicateException mde) {
-            logger.modelDuplicateException(mde);
+            ServicesLogger.LOGGER.modelDuplicateException(mde);
            Response challengeResponse = errorResponse(Response.Status.UNAUTHORIZED.getStatusCode(), "invalid_request", "Invalid user credentials");
            context.failure(AuthenticationFlowError.INVALID_USER, challengeResponse);
            return;
--- a/services/src/main/java/org/keycloak/authentication/authenticators/resetcred/ResetCredentialChooseUser.java
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/resetcred/ResetCredentialChooseUser.java
@ -17,6 +17,7 @@
 package org.keycloak.authentication.authenticators.resetcred;
 import org.jboss.logging.Logger;
 import org.keycloak.Config;
 import org.keycloak.authentication.AuthenticationFlowContext;
 import org.keycloak.authentication.AuthenticationFlowError;
@ -46,7 +47,7 @@ import java.util.List;
 */
 public class ResetCredentialChooseUser implements Authenticator, AuthenticatorFactory {
-    protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(ResetCredentialChooseUser.class);
    public static final String PROVIDER_ID = "reset-credentials-choose-user";
--- a/services/src/main/java/org/keycloak/authentication/authenticators/resetcred/ResetCredentialEmail.java
+++ b/services/src/main/java/org/keycloak/authentication/authenticators/resetcred/ResetCredentialEmail.java
@ -17,6 +17,7 @@
 package org.keycloak.authentication.authenticators.resetcred;
 import org.jboss.logging.Logger;
 import org.keycloak.Config;
 import org.keycloak.authentication.AuthenticationFlowContext;
 import org.keycloak.authentication.AuthenticationFlowError;
@ -53,7 +54,7 @@ import java.util.concurrent.TimeUnit;
 public class ResetCredentialEmail implements Authenticator, AuthenticatorFactory {
    public static final String RESET_CREDENTIAL_SECRET = "RESET_CREDENTIAL_SECRET";
-    protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(ResetCredentialEmail.class);
    public static final String PROVIDER_ID = "reset-credential-email";
@ -100,7 +101,7 @@ public class ResetCredentialEmail implements Authenticator, AuthenticatorFactory
                    .detail(Details.USERNAME, username)
                    .user(user)
                    .error(Errors.EMAIL_SEND_FAILED);
-            logger.failedToSendPwdResetEmail(e);
+            ServicesLogger.LOGGER.failedToSendPwdResetEmail(e);
            Response challenge = context.form()
                    .setError(Messages.EMAIL_SENT_ERROR)
                    .createErrorPage();
--- a/services/src/main/java/org/keycloak/authentication/forms/RegistrationRecaptcha.java
+++ b/services/src/main/java/org/keycloak/authentication/forms/RegistrationRecaptcha.java
@ -23,6 +23,7 @@ import org.apache.http.client.HttpClient;
 import org.apache.http.client.entity.UrlEncodedFormEntity;
 import org.apache.http.client.methods.HttpPost;
 import org.apache.http.message.BasicNameValuePair;
 import org.jboss.logging.Logger;
 import org.keycloak.Config;
 import org.keycloak.authentication.FormAction;
 import org.keycloak.authentication.FormActionFactory;
@ -62,7 +63,7 @@ public class RegistrationRecaptcha implements FormAction, FormActionFactory, Con
    public static final String RECAPTCHA_REFERENCE_CATEGORY = "recaptcha";
    public static final String SITE_KEY = "site.key";
    public static final String SITE_SECRET = "secret";
-    protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(RegistrationRecaptcha.class);
    public static final String PROVIDER_ID = "registration-recaptcha-action";
@ -152,7 +153,7 @@ public class RegistrationRecaptcha implements FormAction, FormActionFactory, Con
                content.close();
            }
        } catch (Exception e) {
-            logger.recaptchaFailed(e);
+            ServicesLogger.LOGGER.recaptchaFailed(e);
        }
        return success;
    }
--- a/services/src/main/java/org/keycloak/authentication/requiredactions/UpdatePassword.java
+++ b/services/src/main/java/org/keycloak/authentication/requiredactions/UpdatePassword.java
@ -17,6 +17,7 @@
 package org.keycloak.authentication.requiredactions;
 import org.jboss.logging.Logger;
 import org.keycloak.Config;
 import org.keycloak.authentication.RequiredActionContext;
 import org.keycloak.authentication.RequiredActionFactory;
@ -35,7 +36,6 @@ import org.keycloak.models.KeycloakSessionFactory;
 import org.keycloak.models.ModelException;
 import org.keycloak.models.UserCredentialModel;
 import org.keycloak.models.UserModel;
 import org.keycloak.services.ServicesLogger;
 import org.keycloak.services.messages.Messages;
 import org.keycloak.services.validation.Validation;
@ -48,7 +48,7 @@ import java.util.concurrent.TimeUnit;
 * @version $Revision: 1 $
 */
 public class UpdatePassword implements RequiredActionProvider, RequiredActionFactory {
-    protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(UpdatePassword.class);
    @Override
    public void evaluateTriggers(RequiredActionContext context) {
        int daysToExpirePassword = context.getRealm().getPasswordPolicy().getDaysToExpirePassword();
--- a/services/src/main/java/org/keycloak/authentication/requiredactions/UpdateProfile.java
+++ b/services/src/main/java/org/keycloak/authentication/requiredactions/UpdateProfile.java
@ -29,7 +29,6 @@ import org.keycloak.models.KeycloakSessionFactory;
 import org.keycloak.models.RealmModel;
 import org.keycloak.models.UserModel;
 import org.keycloak.models.utils.FormMessage;
 import org.keycloak.services.ServicesLogger;
 import org.keycloak.services.messages.Messages;
 import org.keycloak.services.resources.AttributeFormDataProcessor;
 import org.keycloak.services.validation.Validation;
@ -43,7 +42,6 @@ import java.util.List;
 * @version $Revision: 1 $
 */
 public class UpdateProfile implements RequiredActionProvider, RequiredActionFactory {
    protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
    @Override
    public void evaluateTriggers(RequiredActionContext context) {
    }
--- a/services/src/main/java/org/keycloak/authentication/requiredactions/UpdateTotp.java
+++ b/services/src/main/java/org/keycloak/authentication/requiredactions/UpdateTotp.java
@ -28,7 +28,6 @@ import org.keycloak.models.KeycloakSessionFactory;
 import org.keycloak.models.UserCredentialModel;
 import org.keycloak.models.UserModel;
 import org.keycloak.models.utils.CredentialValidation;
 import org.keycloak.services.ServicesLogger;
 import org.keycloak.services.messages.Messages;
 import org.keycloak.services.validation.Validation;
@ -40,7 +39,6 @@ import javax.ws.rs.core.Response;
 * @version $Revision: 1 $
 */
 public class UpdateTotp implements RequiredActionProvider, RequiredActionFactory {
    protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
    @Override
    public void evaluateTriggers(RequiredActionContext context) {
    }
--- a/services/src/main/java/org/keycloak/authentication/requiredactions/VerifyEmail.java
+++ b/services/src/main/java/org/keycloak/authentication/requiredactions/VerifyEmail.java
@ -17,6 +17,7 @@
 package org.keycloak.authentication.requiredactions;
 import org.jboss.logging.Logger;
 import org.keycloak.Config;
 import org.keycloak.authentication.RequiredActionContext;
 import org.keycloak.authentication.RequiredActionFactory;
@ -41,7 +42,7 @@ import javax.ws.rs.core.Response;
 * @version $Revision: 1 $
 */
 public class VerifyEmail implements RequiredActionProvider, RequiredActionFactory {
-    protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(VerifyEmail.class);
    @Override
    public void evaluateTriggers(RequiredActionContext context) {
        if (context.getRealm().isVerifyEmail() && !context.getUser().isEmailVerified()) {
--- a/services/src/main/java/org/keycloak/broker/oidc/OIDCIdentityProviderFactory.java
+++ b/services/src/main/java/org/keycloak/broker/oidc/OIDCIdentityProviderFactory.java
@ -17,21 +17,13 @@
 package org.keycloak.broker.oidc;
 import org.keycloak.broker.provider.AbstractIdentityProviderFactory;
 import org.keycloak.jose.jwk.JSONWebKeySet;
 import org.keycloak.jose.jwk.JWK;
 import org.keycloak.jose.jwk.JWKParser;
 import org.keycloak.models.IdentityProviderModel;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.utils.KeycloakModelUtils;
 import org.keycloak.protocol.oidc.representations.OIDCConfigurationRepresentation;
 import org.keycloak.protocol.oidc.utils.JWKSHttpUtils;
 import org.keycloak.services.ServicesLogger;
 import org.keycloak.util.JWKSUtils;
 import org.keycloak.util.JsonSerialization;
 import java.io.IOException;
 import java.io.InputStream;
 import java.security.PublicKey;
 import java.util.Map;
 /**
@ -39,8 +31,6 @@ import java.util.Map;
 */
 public class OIDCIdentityProviderFactory extends AbstractIdentityProviderFactory<OIDCIdentityProvider> {
    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
    public static final String PROVIDER_ID = "oidc";
    @Override
--- a/services/src/main/java/org/keycloak/email/DefaultEmailSenderProvider.java
+++ b/services/src/main/java/org/keycloak/email/DefaultEmailSenderProvider.java
@ -17,6 +17,7 @@
 package org.keycloak.email;
 import org.jboss.logging.Logger;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.RealmModel;
 import org.keycloak.models.UserModel;
@ -44,7 +45,7 @@ import java.util.Properties;
 */
 public class DefaultEmailSenderProvider implements EmailSenderProvider {
-    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(DefaultEmailSenderProvider.class);
    private final KeycloakSession session;
@ -123,7 +124,7 @@ public class DefaultEmailSenderProvider implements EmailSenderProvider {
            }
            transport.sendMessage(msg, new InternetAddress[]{new InternetAddress(address)});
        } catch (Exception e) {
-            logger.failedToSendEmail(e);
+            ServicesLogger.LOGGER.failedToSendEmail(e);
            throw new EmailException(e);
        } finally {
            if (transport != null) {
--- a/services/src/main/java/org/keycloak/exportimport/ExportImportManager.java
+++ b/services/src/main/java/org/keycloak/exportimport/ExportImportManager.java
@ -18,6 +18,7 @@
 package org.keycloak.exportimport;
 import org.jboss.logging.Logger;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.KeycloakSessionFactory;
 import org.keycloak.services.ServicesLogger;
@ -29,7 +30,7 @@ import java.io.IOException;
 */
 public class ExportImportManager {
-    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(ExportImportManager.class);
    private KeycloakSessionFactory sessionFactory;
@ -82,13 +83,13 @@ public class ExportImportManager {
        try {
            Strategy strategy = ExportImportConfig.getStrategy();
            if (realmName == null) {
-                logger.fullModelImport(strategy.toString());
+                ServicesLogger.LOGGER.fullModelImport(strategy.toString());
                importProvider.importModel(sessionFactory, strategy);
            } else {
-                logger.realmImportRequested(realmName, strategy.toString());
+                ServicesLogger.LOGGER.realmImportRequested(realmName, strategy.toString());
                importProvider.importRealm(sessionFactory, realmName, strategy);
            }
-            logger.importSuccess();
+            ServicesLogger.LOGGER.importSuccess();
        } catch (IOException e) {
            throw new RuntimeException("Failed to run import", e);
        }
@ -97,13 +98,13 @@ public class ExportImportManager {
    public void runExport() {
        try {
            if (realmName == null) {
-                logger.fullModelExportRequested();
+                ServicesLogger.LOGGER.fullModelExportRequested();
                exportProvider.exportModel(sessionFactory);
            } else {
-                logger.realmExportRequested(realmName);
+                ServicesLogger.LOGGER.realmExportRequested(realmName);
                exportProvider.exportRealm(sessionFactory, realmName);
            }
-            logger.exportSuccess();
+            ServicesLogger.LOGGER.exportSuccess();
        } catch (IOException e) {
            throw new RuntimeException("Failed to run export");
        }
--- a/services/src/main/java/org/keycloak/keys/loader/ClientPublicKeyLoader.java
+++ b/services/src/main/java/org/keycloak/keys/loader/ClientPublicKeyLoader.java
@ -22,6 +22,7 @@ import java.security.cert.X509Certificate;
 import java.util.Collections;
 import java.util.Map;
 import org.jboss.logging.Logger;
 import org.keycloak.authentication.authenticators.client.JWTClientAuthenticator;
 import org.keycloak.common.util.KeyUtils;
 import org.keycloak.jose.jwk.JSONWebKeySet;
@ -44,7 +45,7 @@ import org.keycloak.util.JWKSUtils;
 */
 public class ClientPublicKeyLoader implements PublicKeyLoader {
-    protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(ClientPublicKeyLoader.class);
    private final KeycloakSession session;
    private final ClientModel client;
--- a/services/src/main/java/org/keycloak/keys/loader/OIDCIdentityProviderPublicKeyLoader.java
+++ b/services/src/main/java/org/keycloak/keys/loader/OIDCIdentityProviderPublicKeyLoader.java
@ -17,10 +17,7 @@
 package org.keycloak.keys.loader;
-import java.security.PublicKey;
+import org.jboss.logging.Logger;
 import java.util.Collections;
 import java.util.Map;
 import org.keycloak.broker.oidc.OIDCIdentityProviderConfig;
 import org.keycloak.common.util.KeyUtils;
 import org.keycloak.common.util.PemUtils;
@ -29,15 +26,18 @@ import org.keycloak.jose.jwk.JWK;
 import org.keycloak.keys.PublicKeyLoader;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.protocol.oidc.utils.JWKSHttpUtils;
 import org.keycloak.services.ServicesLogger;
 import org.keycloak.util.JWKSUtils;
 import java.security.PublicKey;
 import java.util.Collections;
 import java.util.Map;
 /**
 * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
 */
 public class OIDCIdentityProviderPublicKeyLoader implements PublicKeyLoader {
-    protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(OIDCIdentityProviderPublicKeyLoader.class);
    private final KeycloakSession session;
    private final OIDCIdentityProviderConfig config;
--- a/services/src/main/java/org/keycloak/partialimport/AbstractPartialImport.java
+++ b/services/src/main/java/org/keycloak/partialimport/AbstractPartialImport.java
@ -34,7 +34,6 @@ import java.util.Set;
 * @author Stan Silvert ssilvert@redhat.com (C) 2016 Red Hat Inc.
 */
 public abstract class AbstractPartialImport<T> implements PartialImport<T> {
    protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
    protected final Set<T> toOverwrite = new HashSet<>();
    protected final Set<T> toSkip = new HashSet<>();
@ -100,7 +99,7 @@ public abstract class AbstractPartialImport<T> implements PartialImport<T> {
            try {
                create(realm, session, resourceRep);
            } catch (Exception e) {
-                logger.overwriteError(e, getName(resourceRep));
+                ServicesLogger.LOGGER.overwriteError(e, getName(resourceRep));
                throw new ErrorResponseException(ErrorResponse.error(e.getMessage(), Response.Status.INTERNAL_SERVER_ERROR));
            }
@ -122,7 +121,7 @@ public abstract class AbstractPartialImport<T> implements PartialImport<T> {
                String modelId = getModelId(realm, session, resourceRep);
                results.addResult(added(modelId, resourceRep));
            } catch (Exception e) {
-                logger.creationError(e, getName(resourceRep));
+                ServicesLogger.LOGGER.creationError(e, getName(resourceRep));
                throw new ErrorResponseException(ErrorResponse.error(e.getMessage(), Response.Status.INTERNAL_SERVER_ERROR));
            }
        }
--- a/services/src/main/java/org/keycloak/partialimport/RolesPartialImport.java
+++ b/services/src/main/java/org/keycloak/partialimport/RolesPartialImport.java
@ -45,7 +45,6 @@ import java.util.Set;
 * @author Stan Silvert ssilvert@redhat.com (C) 2016 Red Hat Inc.
 */
 public class RolesPartialImport implements PartialImport<RolesRepresentation> {
    protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
    private Set<RoleRepresentation> realmRolesToOverwrite;
    private Set<RoleRepresentation> realmRolesToSkip;
@ -98,7 +97,7 @@ public class RolesPartialImport implements PartialImport<RolesRepresentation> {
        try {
            RepresentationToModel.importRoles(rep.getRoles(), realm);
        } catch (Exception e) {
-            logger.roleImportError(e);
+            ServicesLogger.LOGGER.roleImportError(e);
            throw new ErrorResponseException(ErrorResponse.error(e.getMessage(), Response.Status.INTERNAL_SERVER_ERROR));
        }
--- a/services/src/main/java/org/keycloak/protocol/AuthorizationEndpointBase.java
+++ b/services/src/main/java/org/keycloak/protocol/AuthorizationEndpointBase.java
@ -43,8 +43,6 @@ import javax.ws.rs.core.UriInfo;
 */
 public abstract class AuthorizationEndpointBase {
    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
    protected RealmModel realm;
    protected EventBuilder event;
    protected AuthenticationManager authManager;
--- a/services/src/main/java/org/keycloak/protocol/RestartLoginCookie.java
+++ b/services/src/main/java/org/keycloak/protocol/RestartLoginCookie.java
@ -18,21 +18,19 @@
 package org.keycloak.protocol;
 import com.fasterxml.jackson.annotation.JsonProperty;
 import org.jboss.logging.Logger;
 import org.keycloak.common.ClientConnection;
 import org.keycloak.jose.jws.JWSBuilder;
 import org.keycloak.jose.jws.JWSInput;
 import org.keycloak.jose.jws.crypto.HMACProvider;
 import org.keycloak.jose.jws.crypto.RSAProvider;
 import org.keycloak.models.ClientModel;
 import org.keycloak.models.ClientSessionModel;
 import org.keycloak.models.KeyManager;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.RealmModel;
 import org.keycloak.services.ServicesLogger;
 import org.keycloak.services.managers.AuthenticationManager;
 import org.keycloak.services.util.CookieHelper;
 import javax.crypto.SecretKey;
 import javax.ws.rs.core.Cookie;
 import javax.ws.rs.core.UriInfo;
 import java.security.PublicKey;
@ -47,7 +45,7 @@ import java.util.Map;
 * @version $Revision: 1 $
 */
 public class RestartLoginCookie {
-    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(RestartLoginCookie.class);
    public static final String KC_RESTART = "KC_RESTART";
    @JsonProperty("cs")
    protected String clientSession;
--- a/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocol.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocol.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.protocol.oidc;
 import org.jboss.logging.Logger;
 import org.keycloak.OAuth2Constants;
 import org.keycloak.OAuthErrorException;
 import org.keycloak.common.util.Time;
@ -84,7 +85,7 @@ public class OIDCLoginProtocol implements LoginProtocol {
    public static final String CLIENT_SECRET_JWT = "client_secret_jwt";
    public static final String PRIVATE_KEY_JWT = "private_key_jwt";
-    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(OIDCLoginProtocol.class);
    protected KeycloakSession session;
@ -233,7 +234,7 @@ public class OIDCLoginProtocol implements LoginProtocol {
            case PASSIVE_LOGIN_REQUIRED:
                return OAuthErrorException.LOGIN_REQUIRED;
            default:
-                logger.untranslatedProtocol(error.name());
+                ServicesLogger.LOGGER.untranslatedProtocol(error.name());
                return OAuthErrorException.SERVER_ERROR;
        }
    }
--- a/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolFactory.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolFactory.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.protocol.oidc;
 import org.jboss.logging.Logger;
 import org.keycloak.common.constants.KerberosConstants;
 import org.keycloak.common.util.UriUtils;
 import org.keycloak.events.EventBuilder;
@ -48,7 +49,7 @@ import java.util.Set;
 * @version $Revision: 1 $
 */
 public class OIDCLoginProtocolFactory extends AbstractLoginProtocolFactory {
-    private static ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(OIDCLoginProtocolFactory.class);
    public static final String USERNAME = "username";
    public static final String EMAIL = "email";
@ -193,7 +194,7 @@ public class OIDCLoginProtocolFactory extends AbstractLoginProtocolFactory {
        // Backwards compatibility only
        if (rep.isDirectGrantsOnly() != null) {
-            logger.usingDeprecatedDirectGrantsOnly();
+            ServicesLogger.LOGGER.usingDeprecatedDirectGrantsOnly();
            newClient.setStandardFlowEnabled(!rep.isDirectGrantsOnly());
            newClient.setDirectAccessGrantsEnabled(rep.isDirectGrantsOnly());
        } else {
--- a/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolService.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocolService.java
@ -20,9 +20,10 @@ package org.keycloak.protocol.oidc;
 import org.jboss.resteasy.annotations.cache.NoCache;
 import org.jboss.resteasy.spi.ResteasyProviderFactory;
 import org.keycloak.events.EventBuilder;
 import org.keycloak.forms.login.LoginFormsProvider;
 import org.keycloak.jose.jwk.JSONWebKeySet;
 import org.keycloak.jose.jwk.JWK;
 import org.keycloak.jose.jwk.JWKBuilder;
 import org.keycloak.forms.login.LoginFormsProvider;
 import org.keycloak.keys.KeyMetadata;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.RealmModel;
@ -31,8 +32,6 @@ import org.keycloak.protocol.oidc.endpoints.LoginStatusIframeEndpoint;
 import org.keycloak.protocol.oidc.endpoints.LogoutEndpoint;
 import org.keycloak.protocol.oidc.endpoints.TokenEndpoint;
 import org.keycloak.protocol.oidc.endpoints.UserInfoEndpoint;
 import org.keycloak.jose.jwk.JSONWebKeySet;
 import org.keycloak.services.ServicesLogger;
 import org.keycloak.services.resources.RealmsResource;
 import javax.ws.rs.GET;
@ -55,8 +54,6 @@ import java.util.List;
 */
 public class OIDCLoginProtocolService {
    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
    private RealmModel realm;
    private TokenManager tokenManager;
    private EventBuilder event;
--- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/AuthorizationEndpoint.java
@ -17,6 +17,7 @@
 package org.keycloak.protocol.oidc.endpoints;
 import org.jboss.logging.Logger;
 import org.keycloak.OAuth2Constants;
 import org.keycloak.OAuthErrorException;
 import org.keycloak.authentication.AuthenticationProcessor;
@ -54,7 +55,7 @@ import javax.ws.rs.core.Response;
 */
 public class AuthorizationEndpoint extends AuthorizationEndpointBase {
-    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(AuthorizationEndpoint.class);
    public static final String CODE_AUTH_TYPE = "code";
@ -104,7 +105,7 @@ public class AuthorizationEndpoint extends AuthorizationEndpointBase {
        }
        if (!TokenUtil.isOIDCRequest(request.getScope())) {
-            logger.oidcScopeMissing();
+            ServicesLogger.LOGGER.oidcScopeMissing();
        }
        errorResponse = checkOIDCParams();
@ -194,7 +195,7 @@ public class AuthorizationEndpoint extends AuthorizationEndpointBase {
        String responseType = request.getResponseType();
        if (responseType == null) {
-            logger.missingParameter(OAuth2Constants.RESPONSE_TYPE);
+            ServicesLogger.LOGGER.missingParameter(OAuth2Constants.RESPONSE_TYPE);
            event.error(Errors.INVALID_REQUEST);
            return redirectErrorToClient(OIDCResponseMode.QUERY, OAuthErrorException.INVALID_REQUEST, "Missing parameter: response_type");
        }
@ -216,7 +217,7 @@ public class AuthorizationEndpoint extends AuthorizationEndpointBase {
        try {
            parsedResponseMode = OIDCResponseMode.parse(request.getResponseMode(), parsedResponseType);
        } catch (IllegalArgumentException iae) {
-            logger.invalidParameter(OIDCLoginProtocol.RESPONSE_MODE_PARAM);
+            ServicesLogger.LOGGER.invalidParameter(OIDCLoginProtocol.RESPONSE_MODE_PARAM);
            event.error(Errors.INVALID_REQUEST);
            return redirectErrorToClient(OIDCResponseMode.QUERY, OAuthErrorException.INVALID_REQUEST, "Invalid parameter: response_mode");
        }
@ -225,19 +226,19 @@ public class AuthorizationEndpoint extends AuthorizationEndpointBase {
        // Disallowed by OIDC specs
        if (parsedResponseType.isImplicitOrHybridFlow() && parsedResponseMode == OIDCResponseMode.QUERY) {
-            logger.responseModeQueryNotAllowed();
+            ServicesLogger.LOGGER.responseModeQueryNotAllowed();
            event.error(Errors.INVALID_REQUEST);
            return redirectErrorToClient(OIDCResponseMode.QUERY, OAuthErrorException.INVALID_REQUEST, "Response_mode 'query' not allowed for implicit or hybrid flow");
        }
        if ((parsedResponseType.hasResponseType(OIDCResponseType.CODE) || parsedResponseType.hasResponseType(OIDCResponseType.NONE)) && !client.isStandardFlowEnabled()) {
-            logger.flowNotAllowed("Standard");
+            ServicesLogger.LOGGER.flowNotAllowed("Standard");
            event.error(Errors.NOT_ALLOWED);
            return redirectErrorToClient(parsedResponseMode, OAuthErrorException.UNSUPPORTED_RESPONSE_TYPE, "Client is not allowed to initiate browser login with given response_type. Standard flow is disabled for the client.");
        }
        if (parsedResponseType.isImplicitOrHybridFlow() && !client.isImplicitFlowEnabled()) {
-            logger.flowNotAllowed("Implicit");
+            ServicesLogger.LOGGER.flowNotAllowed("Implicit");
            event.error(Errors.NOT_ALLOWED);
            return redirectErrorToClient(parsedResponseMode, OAuthErrorException.UNSUPPORTED_RESPONSE_TYPE, "Client is not allowed to initiate browser login with given response_type. Implicit flow is disabled for the client.");
        }
@ -249,7 +250,7 @@ public class AuthorizationEndpoint extends AuthorizationEndpointBase {
    private Response checkOIDCParams() {
        if (parsedResponseType.isImplicitOrHybridFlow() && request.getNonce() == null) {
-            logger.missingParameter(OIDCLoginProtocol.NONCE_PARAM);
+            ServicesLogger.LOGGER.missingParameter(OIDCLoginProtocol.NONCE_PARAM);
            event.error(Errors.INVALID_REQUEST);
            return redirectErrorToClient(parsedResponseMode, OAuthErrorException.INVALID_REQUEST, "Missing parameter: nonce");
        }
--- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LogoutEndpoint.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/LogoutEndpoint.java
@ -17,6 +17,7 @@
 package org.keycloak.protocol.oidc.endpoints;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.annotations.cache.NoCache;
 import org.jboss.resteasy.spi.HttpRequest;
 import org.keycloak.OAuth2Constants;
@ -38,7 +39,6 @@ import org.keycloak.representations.IDToken;
 import org.keycloak.representations.RefreshToken;
 import org.keycloak.services.ErrorPage;
 import org.keycloak.services.ErrorResponseException;
 import org.keycloak.services.ServicesLogger;
 import org.keycloak.services.managers.AuthenticationManager;
 import org.keycloak.services.messages.Messages;
 import org.keycloak.services.resources.Cors;
@ -60,7 +60,7 @@ import javax.ws.rs.core.UriInfo;
 * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
 */
 public class LogoutEndpoint {
-    protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(LogoutEndpoint.class);
    @Context
    private KeycloakSession session;
--- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/TokenEndpoint.java
@ -17,6 +17,7 @@
 package org.keycloak.protocol.oidc.endpoints;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.spi.HttpRequest;
 import org.jboss.resteasy.spi.ResteasyProviderFactory;
 import org.keycloak.OAuth2Constants;
@ -68,7 +69,7 @@ import java.util.Map;
 */
 public class TokenEndpoint {
-    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(TokenEndpoint.class);
    private MultivaluedMap<String, String> formParams;
    private ClientModel client;
    private Map<String, String> clientAuthAttributes;
@ -309,7 +310,7 @@ public class TokenEndpoint {
    private void updateClientSession(ClientSessionModel clientSession) {
        if(clientSession == null) {
-            logger.clientSessionNull();
+            ServicesLogger.LOGGER.clientSessionNull();
            return;
        }
@ -327,16 +328,16 @@ public class TokenEndpoint {
    private void updateClientSessions(List<ClientSessionModel> clientSessions) {
        if(clientSessions == null) {
-            logger.clientSessionNull();
+            ServicesLogger.LOGGER.clientSessionNull();
            return;
        }
        for (ClientSessionModel clientSession : clientSessions) {
            if(clientSession == null) {
-                logger.clientSessionNull();
+                ServicesLogger.LOGGER.clientSessionNull();
                continue;
            }
            if(clientSession.getClient() == null) {
-                logger.clientModelNull();
+                ServicesLogger.LOGGER.clientModelNull();
                continue;
            }
            if(client.getId().equals(clientSession.getClient().getId())) {
--- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/request/AuthorizationEndpointRequestParserProcessor.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/request/AuthorizationEndpointRequestParserProcessor.java
@ -36,8 +36,6 @@ import java.io.InputStream;
 */
 public class AuthorizationEndpointRequestParserProcessor {
    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
    public static AuthorizationEndpointRequest parseRequest(EventBuilder event, KeycloakSession session, ClientModel client, MultivaluedMap<String, String> requestParams) {
        try {
            AuthorizationEndpointRequest request = new AuthorizationEndpointRequest();
@ -63,7 +61,7 @@ public class AuthorizationEndpointRequestParserProcessor {
            return request;
        } catch (Exception e) {
-            logger.invalidRequest(e);
+            ServicesLogger.LOGGER.invalidRequest(e);
            event.error(Errors.INVALID_REQUEST);
            throw new ErrorPageException(session, Messages.INVALID_REQUEST);
        }
--- a/services/src/main/java/org/keycloak/protocol/oidc/endpoints/request/AuthzEndpointRequestParser.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/endpoints/request/AuthzEndpointRequestParser.java
@ -17,9 +17,9 @@
 package org.keycloak.protocol.oidc.endpoints.request;
 import org.jboss.logging.Logger;
 import org.keycloak.constants.AdapterConstants;
 import org.keycloak.protocol.oidc.OIDCLoginProtocol;
 import org.keycloak.services.ServicesLogger;
 import java.util.HashSet;
 import java.util.Map;
@ -30,7 +30,7 @@ import java.util.Set;
 */
 abstract class AuthzEndpointRequestParser {
-    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(AuthzEndpointRequestParser.class);
    /**
     * Max number of additional req params copied into client session note to prevent DoS attacks
--- a/services/src/main/java/org/keycloak/protocol/oidc/mappers/OIDCAttributeMapperHelper.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/mappers/OIDCAttributeMapperHelper.java
@ -34,7 +34,6 @@ import java.util.Map;
 * @version $Revision: 1 $
 */
 public class OIDCAttributeMapperHelper {
    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
    public static final String TOKEN_CLAIM_NAME = "claim.name";
    public static final String TOKEN_CLAIM_NAME_LABEL = "tokenClaimName.label";
@ -67,7 +66,7 @@ public class OIDCAttributeMapperHelper {
                return result;
            } else {
                if (valueAsList.size() > 1) {
-                    logger.multipleValuesForMapper(attributeValue.toString(), mappingModel.getName());
+                    ServicesLogger.LOGGER.multipleValuesForMapper(attributeValue.toString(), mappingModel.getName());
                }
                attributeValue = valueAsList.get(0);
--- a/services/src/main/java/org/keycloak/protocol/oidc/mappers/PairwiseSubMapperHelper.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/mappers/PairwiseSubMapperHelper.java
@ -3,10 +3,8 @@ package org.keycloak.protocol.oidc.mappers;
 import org.keycloak.models.ProtocolMapperModel;
 import org.keycloak.provider.ProviderConfigProperty;
 import org.keycloak.representations.idm.ProtocolMapperRepresentation;
 import org.keycloak.services.ServicesLogger;
 public class PairwiseSubMapperHelper {
    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
    public static final String SECTOR_IDENTIFIER_URI = "sectorIdentifierUri";
    public static final String SECTOR_IDENTIFIER_URI_LABEL = "sectorIdentifierUri.label";
--- a/services/src/main/java/org/keycloak/protocol/oidc/mappers/SHA256PairwiseSubMapper.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/mappers/SHA256PairwiseSubMapper.java
@ -1,5 +1,6 @@
 package org.keycloak.protocol.oidc.mappers;
 import org.jboss.logging.Logger;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.ProtocolMapperContainerModel;
 import org.keycloak.models.ProtocolMapperModel;
@ -9,7 +10,6 @@ import org.keycloak.protocol.ProtocolMapperConfigException;
 import org.keycloak.protocol.oidc.OIDCLoginProtocol;
 import org.keycloak.provider.ProviderConfigProperty;
 import org.keycloak.representations.idm.ProtocolMapperRepresentation;
 import org.keycloak.services.ServicesLogger;
 import java.nio.charset.Charset;
 import java.security.MessageDigest;
@ -23,7 +23,7 @@ import java.util.UUID;
 public class SHA256PairwiseSubMapper extends AbstractPairwiseSubMapper {
    public static final String PROVIDER_ID = "sha256";
    private static final String HASH_ALGORITHM = "SHA-256";
-    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(SHA256PairwiseSubMapper.class);
    private final Charset charset;
    public SHA256PairwiseSubMapper() {
--- a/services/src/main/java/org/keycloak/protocol/oidc/utils/PairwiseSubMapperUtils.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/utils/PairwiseSubMapperUtils.java
@ -1,9 +1,9 @@
 package org.keycloak.protocol.oidc.utils;
 import org.jboss.logging.Logger;
 import org.keycloak.protocol.oidc.mappers.AbstractPairwiseSubMapper;
 import org.keycloak.representations.idm.ClientRepresentation;
 import org.keycloak.representations.idm.ProtocolMapperRepresentation;
 import org.keycloak.services.ServicesLogger;
 import java.net.URI;
 import java.net.URISyntaxException;
@ -16,7 +16,7 @@ import java.util.Set;
 import java.util.stream.Collectors;
 public class PairwiseSubMapperUtils {
-    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(PairwiseSubMapperUtils.class);
    /**
     * Returns a set of valid redirect URIs from the root url and redirect URIs registered on a client.
--- a/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/utils/RedirectUtils.java
@ -17,10 +17,10 @@
 package org.keycloak.protocol.oidc.utils;
 import org.jboss.logging.Logger;
 import org.keycloak.models.ClientModel;
 import org.keycloak.models.Constants;
 import org.keycloak.models.RealmModel;
 import org.keycloak.services.ServicesLogger;
 import org.keycloak.services.Urls;
 import javax.ws.rs.core.UriInfo;
@ -33,7 +33,7 @@ import java.util.Set;
 */
 public class RedirectUtils {
-    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(RedirectUtils.class);
    public static String verifyRealmRedirectUri(UriInfo uriInfo, String redirectUri, RealmModel realm) {
        Set<String> validRedirects = getValidateRedirectUris(uriInfo, realm);
--- a/services/src/main/java/org/keycloak/provider/FileSystemProviderLoaderFactory.java
+++ b/services/src/main/java/org/keycloak/provider/FileSystemProviderLoaderFactory.java
@ -16,7 +16,7 @@
 */
 package org.keycloak.provider;
-import org.keycloak.services.ServicesLogger;
+import org.jboss.logging.Logger;
 import java.io.File;
 import java.io.FilenameFilter;
@ -30,7 +30,7 @@ import java.util.List;
 */
 public class FileSystemProviderLoaderFactory implements ProviderLoaderFactory {
-    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(FileSystemProviderLoaderFactory.class);
    @Override
    public boolean supports(String type) {
--- a/services/src/main/java/org/keycloak/provider/ProviderManager.java
+++ b/services/src/main/java/org/keycloak/provider/ProviderManager.java
@ -16,8 +16,8 @@
 */
 package org.keycloak.provider;
 import org.jboss.logging.Logger;
 import org.keycloak.common.util.MultivaluedHashMap;
 import org.keycloak.services.ServicesLogger;
 import java.util.Collections;
 import java.util.HashMap;
@ -32,7 +32,7 @@ import java.util.ServiceLoader;
 */
 public class ProviderManager {
-    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(ProviderManager.class);
    private List<ProviderLoader> loaders = new LinkedList<ProviderLoader>();
    private MultivaluedHashMap<Class<? extends Provider>, ProviderFactory> cache = new MultivaluedHashMap<>();
--- a/services/src/main/java/org/keycloak/services/DefaultKeycloakSessionFactory.java
+++ b/services/src/main/java/org/keycloak/services/DefaultKeycloakSessionFactory.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services;
 import org.jboss.logging.Logger;
 import org.keycloak.Config;
 import org.keycloak.common.util.MultivaluedHashMap;
 import org.keycloak.models.KeycloakSession;
@ -40,7 +41,7 @@ import java.util.concurrent.CopyOnWriteArrayList;
 public class DefaultKeycloakSessionFactory implements KeycloakSessionFactory, ProviderManagerDeployer {
-    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(DefaultKeycloakSessionFactory.class);
    private Set<Spi> spis = new HashSet<>();
    private Map<Class<? extends Provider>, String> provider = new HashMap<>();
@ -193,7 +194,7 @@ public class DefaultKeycloakSessionFactory implements KeycloakSessionFactory, Pr
                    factory.init(scope);
                    if (spi.isInternal() && !isInternal(factory)) {
-                        logger.spiMayChange(factory.getId(), factory.getClass().getName(), spi.getName());
+                        ServicesLogger.LOGGER.spiMayChange(factory.getId(), factory.getClass().getName(), spi.getName());
                    }
                    factories.put(factory.getId(), factory);
@ -208,7 +209,7 @@ public class DefaultKeycloakSessionFactory implements KeycloakSessionFactory, Pr
                        factory.init(scope);
                        if (spi.isInternal() && !isInternal(factory)) {
-                            logger.spiMayChange(factory.getId(), factory.getClass().getName(), spi.getName());
+                            ServicesLogger.LOGGER.spiMayChange(factory.getId(), factory.getClass().getName(), spi.getName());
                        }
                        factories.put(factory.getId(), factory);
@ -251,7 +252,7 @@ public class DefaultKeycloakSessionFactory implements KeycloakSessionFactory, Pr
                factory.init(scope);
                if (spi.isInternal() && !isInternal(factory)) {
-                    logger.spiMayChange(factory.getId(), factory.getClass().getName(), spi.getName());
+                    ServicesLogger.LOGGER.spiMayChange(factory.getId(), factory.getClass().getName(), spi.getName());
                }
                factories.put(factory.getId(), factory);
@ -264,7 +265,7 @@ public class DefaultKeycloakSessionFactory implements KeycloakSessionFactory, Pr
                        factory.init(scope);
                        if (spi.isInternal() && !isInternal(factory)) {
-                            logger.spiMayChange(factory.getId(), factory.getClass().getName(), spi.getName());
+                            ServicesLogger.LOGGER.spiMayChange(factory.getId(), factory.getClass().getName(), spi.getName());
                        }
                        factories.put(factory.getId(), factory);
--- a/services/src/main/java/org/keycloak/services/DefaultKeycloakTransactionManager.java
+++ b/services/src/main/java/org/keycloak/services/DefaultKeycloakTransactionManager.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services;
 import org.jboss.logging.Logger;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.KeycloakTransaction;
 import org.keycloak.models.KeycloakTransactionManager;
@ -31,7 +32,7 @@ import java.util.List;
 */
 public class DefaultKeycloakTransactionManager implements KeycloakTransactionManager {
-    public static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(DefaultKeycloakTransactionManager.class);
    private List<KeycloakTransaction> prepare = new LinkedList<KeycloakTransaction>();
    private List<KeycloakTransaction> transactions = new LinkedList<KeycloakTransaction>();
@ -140,7 +141,7 @@ public class DefaultKeycloakTransactionManager implements KeycloakTransactionMan
                try {
                    tx.rollback();
                } catch (RuntimeException e) {
-                    logger.exceptionDuringRollback(e);
+                    ServicesLogger.LOGGER.exceptionDuringRollback(e);
                }
            }
        }
--- a/services/src/main/java/org/keycloak/services/ServicesLogger.java
+++ b/services/src/main/java/org/keycloak/services/ServicesLogger.java
@ -47,7 +47,7 @@ import static org.jboss.logging.Logger.Level.WARN;
@MessageLogger(projectCode="KC-SERVICES", length=4)
 public interface ServicesLogger extends BasicLogger {
-    ServicesLogger ROOT_LOGGER = Logger.getMessageLogger(ServicesLogger.class, "org.keycloak.services");
+    ServicesLogger LOGGER = Logger.getMessageLogger(ServicesLogger.class, "org.keycloak.services");
    @LogMessage(level = INFO)
    @Message(id=1, value="Loading config from %s")
--- a/services/src/main/java/org/keycloak/services/clientregistration/oidc/OIDCClientRegistrationProvider.java
+++ b/services/src/main/java/org/keycloak/services/clientregistration/oidc/OIDCClientRegistrationProvider.java
@ -16,8 +16,8 @@
 */
 package org.keycloak.services.clientregistration.oidc;
 import org.jboss.logging.Logger;
 import org.keycloak.common.util.Time;
 import org.keycloak.events.EventBuilder;
 import org.keycloak.models.ClientModel;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.ProtocolMapperModel;
@ -33,13 +33,8 @@ import org.keycloak.representations.oidc.OIDCClientRepresentation;
 import org.keycloak.services.ErrorResponseException;
 import org.keycloak.services.ServicesLogger;
 import org.keycloak.services.clientregistration.AbstractClientRegistrationProvider;
 import org.keycloak.services.clientregistration.ClientRegistrationAuth;
 import org.keycloak.services.clientregistration.ClientRegistrationContext;
 import org.keycloak.services.clientregistration.DefaultClientRegistrationContext;
 import org.keycloak.services.clientregistration.ClientRegistrationException;
 import org.keycloak.services.clientregistration.ErrorCodes;
 import org.keycloak.services.validation.PairwiseClientValidator;
 import org.keycloak.services.validation.ValidationMessages;
 import javax.ws.rs.Consumes;
 import javax.ws.rs.DELETE;
@ -52,10 +47,8 @@ import javax.ws.rs.Produces;
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
 import java.net.URI;
 import java.util.HashSet;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.Set;
 import java.util.concurrent.atomic.AtomicBoolean;
 /**
@ -63,7 +56,7 @@ import java.util.concurrent.atomic.AtomicBoolean;
 */
 public class OIDCClientRegistrationProvider extends AbstractClientRegistrationProvider {
-    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(OIDCClientRegistrationProvider.class);
    public OIDCClientRegistrationProvider(KeycloakSession session) {
        super(session);
@ -91,7 +84,7 @@ public class OIDCClientRegistrationProvider extends AbstractClientRegistrationPr
            clientOIDC.setClientIdIssuedAt(Time.currentTime());
            return Response.created(uri).entity(clientOIDC).build();
        } catch (ClientRegistrationException cre) {
-            logger.clientRegistrationException(cre.getMessage());
+            ServicesLogger.LOGGER.clientRegistrationException(cre.getMessage());
            throw new ErrorResponseException(ErrorCodes.INVALID_CLIENT_METADATA, "Client metadata invalid", Response.Status.BAD_REQUEST);
        }
    }
@ -122,7 +115,7 @@ public class OIDCClientRegistrationProvider extends AbstractClientRegistrationPr
            clientOIDC = DescriptionConverter.toExternalResponse(session, client, uri);
            return Response.ok(clientOIDC).build();
        } catch (ClientRegistrationException cre) {
-            logger.clientRegistrationException(cre.getMessage());
+            ServicesLogger.LOGGER.clientRegistrationException(cre.getMessage());
            throw new ErrorResponseException(ErrorCodes.INVALID_CLIENT_METADATA, "Client metadata invalid", Response.Status.BAD_REQUEST);
        }
    }
--- a/services/src/main/java/org/keycloak/services/managers/ApplianceBootstrap.java
+++ b/services/src/main/java/org/keycloak/services/managers/ApplianceBootstrap.java
@ -27,7 +27,6 @@ import org.keycloak.models.RoleModel;
 import org.keycloak.models.UserCredentialModel;
 import org.keycloak.models.UserModel;
 import org.keycloak.models.utils.DefaultKeyProviders;
 import org.keycloak.models.utils.KeycloakModelUtils;
 import org.keycloak.representations.idm.CredentialRepresentation;
 import org.keycloak.services.ServicesLogger;
@ -37,7 +36,6 @@ import org.keycloak.services.ServicesLogger;
 */
 public class ApplianceBootstrap {
    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
    private final KeycloakSession session;
    public ApplianceBootstrap(KeycloakSession session) {
@ -63,7 +61,7 @@ public class ApplianceBootstrap {
        }
        String adminRealmName = Config.getAdminRealm();
-        logger.initializingAdminRealm(adminRealmName);
+        ServicesLogger.LOGGER.initializingAdminRealm(adminRealmName);
        RealmManager manager = new RealmManager(session);
        manager.setContextPath(contextPath);
--- a/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java
@ -224,7 +224,7 @@ public class AuthenticationManager {
                    protocol.backchannelLogout(userSession, clientSession);
                    clientSession.setAction(ClientSessionModel.Action.LOGGED_OUT.name());
                } catch (Exception e) {
-                    ServicesLogger.ROOT_LOGGER.failedToLogoutClient(e);
+                    ServicesLogger.LOGGER.failedToLogoutClient(e);
                }
            }
        }
@ -245,7 +245,7 @@ public class AuthenticationManager {
                    return response;
                }
            } catch (Exception e) {
-                ServicesLogger.ROOT_LOGGER.failedToLogoutClient(e);
+                ServicesLogger.LOGGER.failedToLogoutClient(e);
            }
        }
--- a/services/src/main/java/org/keycloak/services/managers/ClientManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/ClientManager.java
@ -18,6 +18,7 @@ package org.keycloak.services.managers;
 import com.fasterxml.jackson.annotation.JsonProperty;
 import com.fasterxml.jackson.annotation.JsonPropertyOrder;
 import org.jboss.logging.Logger;
 import org.keycloak.authentication.ClientAuthenticator;
 import org.keycloak.authentication.ClientAuthenticatorFactory;
 import org.keycloak.common.constants.ServiceAccountConstants;
@ -37,7 +38,6 @@ import org.keycloak.protocol.oidc.mappers.UserSessionNoteMapper;
 import org.keycloak.representations.adapters.config.BaseRealmConfig;
 import org.keycloak.representations.adapters.config.PolicyEnforcerConfig;
 import org.keycloak.representations.idm.ClientRepresentation;
 import org.keycloak.services.ServicesLogger;
 import java.net.URI;
 import java.util.Collections;
@ -52,7 +52,7 @@ import java.util.TreeSet;
 * @version $Revision: 1 $
 */
 public class ClientManager {
-    protected ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(ClientManager.class);
    protected RealmManager realmManager;
--- a/services/src/main/java/org/keycloak/services/managers/DefaultBruteForceProtector.java
+++ b/services/src/main/java/org/keycloak/services/managers/DefaultBruteForceProtector.java
@ -17,6 +17,7 @@
 package org.keycloak.services.managers;
 import org.jboss.logging.Logger;
 import org.keycloak.common.ClientConnection;
 import org.keycloak.common.util.Time;
 import org.keycloak.models.KeycloakSession;
@ -39,7 +40,7 @@ import java.util.concurrent.TimeUnit;
 * @version $Revision: 1 $
 */
 public class DefaultBruteForceProtector implements Runnable, BruteForceProtector {
-    protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(DefaultBruteForceProtector.class);
    protected volatile boolean run = true;
    protected int maxDeltaTimeSeconds = 60 * 60 * 12; // 12 hours
@ -202,7 +203,7 @@ public class DefaultBruteForceProtector implements Runnable, BruteForceProtector
                            session.close();
                        }
                    } catch (Exception e) {
-                        logger.failedProcessingType(e);
+                        ServicesLogger.LOGGER.failedProcessingType(e);
                    }
                } catch (InterruptedException e) {
                    break;
@ -214,7 +215,7 @@ public class DefaultBruteForceProtector implements Runnable, BruteForceProtector
    }
    protected void logFailure(LoginEvent event) {
-        logger.loginFailure(event.userId, event.ip);
+        ServicesLogger.LOGGER.loginFailure(event.userId, event.ip);
        failures++;
        long delta = 0;
        if (lastFailure > 0) {
--- a/services/src/main/java/org/keycloak/services/managers/LDAPConnectionTestManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/LDAPConnectionTestManager.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.managers;
 import org.jboss.logging.Logger;
 import org.keycloak.models.LDAPConstants;
 import org.keycloak.services.ServicesLogger;
@ -29,14 +30,14 @@ import java.util.Hashtable;
 */
 public class LDAPConnectionTestManager {
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(LDAPConnectionTestManager.class);
    public static final String TEST_CONNECTION = "testConnection";
    public static final String TEST_AUTHENTICATION = "testAuthentication";
    public boolean testLDAP(String action, String connectionUrl, String bindDn, String bindCredential, String useTruststoreSpi) {
        if (!TEST_CONNECTION.equals(action) && !TEST_AUTHENTICATION.equals(action)) {
-            logger.unknownAction(action);
+            ServicesLogger.LOGGER.unknownAction(action);
            return false;
        }
@ -73,14 +74,14 @@ public class LDAPConnectionTestManager {
            return true;
        } catch (Exception ne) {
            String errorMessage = (TEST_AUTHENTICATION.equals(action)) ? "Error when authenticating to LDAP: " : "Error when connecting to LDAP: ";
-            logger.errorAuthenticating(ne, errorMessage + ne.getMessage());
+            ServicesLogger.LOGGER.errorAuthenticating(ne, errorMessage + ne.getMessage());
            return false;
        } finally {
            if (ldapContext != null) {
                try {
                    ldapContext.close();
                } catch (NamingException ne) {
-                    logger.errorClosingLDAP(ne);
+                    ServicesLogger.LOGGER.errorClosingLDAP(ne);
                }
            }
        }
--- a/services/src/main/java/org/keycloak/services/managers/ResourceAdminManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/ResourceAdminManager.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.managers;
 import org.jboss.logging.Logger;
 import org.keycloak.TokenIdGenerator;
 import org.keycloak.common.util.KeycloakUriBuilder;
 import org.keycloak.common.util.MultivaluedHashMap;
@ -53,7 +54,7 @@ import java.util.Set;
 * @version $Revision: 1 $
 */
 public class ResourceAdminManager {
-    protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(ResourceAdminManager.class);
    private static final String CLIENT_SESSION_HOST_PROPERTY = "${application.session.host}";
    private KeycloakSession session;
@ -253,7 +254,7 @@ public class ResourceAdminManager {
            logger.debugf("logout success for %s: %s", managementUrl, success);
            return success;
        } catch (IOException e) {
-            logger.logoutFailed(e, resource.getClientId());
+            ServicesLogger.LOGGER.logoutFailed(e, resource.getClientId());
            return false;
        }
    }
@ -304,7 +305,7 @@ public class ResourceAdminManager {
            logger.debugf("pushRevocation success for %s: %s", managementUrl, success);
            return success;
        } catch (IOException e) {
-            logger.failedToSendRevocation(e);
+            ServicesLogger.LOGGER.failedToSendRevocation(e);
            return false;
        }
    }
@ -342,7 +343,7 @@ public class ResourceAdminManager {
            logger.debugf("testAvailability success for %s: %s", managementUrl, success);
            return success;
        } catch (IOException e) {
-            logger.availabilityTestFailed(managementUrl);
+            ServicesLogger.LOGGER.availabilityTestFailed(managementUrl);
            return false;
        }
   }
--- a/services/src/main/java/org/keycloak/services/managers/UserSessionManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/UserSessionManager.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.managers;
 import org.jboss.logging.Logger;
 import org.keycloak.common.util.Time;
 import org.keycloak.models.ClientModel;
 import org.keycloak.models.ClientSessionModel;
@ -41,7 +42,7 @@ import java.util.Set;
 */
 public class UserSessionManager {
-    protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(UserSessionManager.class);
    private final KeycloakSession kcSession;
    private final UserSessionPersisterProvider persister;
@ -136,7 +137,7 @@ public class UserSessionManager {
    public boolean isOfflineTokenAllowed(ClientSessionModel clientSession) {
        RoleModel offlineAccessRole = clientSession.getRealm().getRole(Constants.OFFLINE_ACCESS_ROLE);
        if (offlineAccessRole == null) {
-            logger.roleNotInRealm(Constants.OFFLINE_ACCESS_ROLE);
+            ServicesLogger.LOGGER.roleNotInRealm(Constants.OFFLINE_ACCESS_ROLE);
            return false;
        }
--- a/services/src/main/java/org/keycloak/services/managers/UserStorageSyncManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/UserStorageSyncManager.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.managers;
 import org.jboss.logging.Logger;
 import org.keycloak.cluster.ClusterEvent;
 import org.keycloak.cluster.ClusterListener;
 import org.keycloak.cluster.ClusterProvider;
@ -44,7 +45,7 @@ public class UserStorageSyncManager {
    private static final String USER_STORAGE_TASK_KEY = "user-storage";
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(UserStorageSyncManager.class);
    /**
     * Check federationProviderModel of all realms and possibly start periodic sync for them
@ -194,7 +195,7 @@ public class UserStorageSyncManager {
                            logger.debugf("Ignored periodic full sync with storage provider %s due small time since last sync", provider.getName());
                        }
                    } catch (Throwable t) {
-                        logger.errorDuringFullUserSync(t);
+                        ServicesLogger.LOGGER.errorDuringFullUserSync(t);
                    }
                }
@ -217,7 +218,7 @@ public class UserStorageSyncManager {
                            logger.debugf("Ignored periodic changed-users sync with storage provider %s due small time since last sync", provider.getName());
                        }
                    } catch (Throwable t) {
-                        logger.errorDuringChangedUserSync(t);
+                        ServicesLogger.LOGGER.errorDuringChangedUserSync(t);
                    }
                }
--- a/services/src/main/java/org/keycloak/services/managers/UsersSyncManager.java
+++ b/services/src/main/java/org/keycloak/services/managers/UsersSyncManager.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.managers;
 import org.jboss.logging.Logger;
 import org.keycloak.cluster.ClusterEvent;
 import org.keycloak.cluster.ClusterListener;
 import org.keycloak.cluster.ClusterProvider;
@ -43,7 +44,7 @@ public class UsersSyncManager {
    private static final String FEDERATION_TASK_KEY = "federation";
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(UsersSyncManager.class);
    /**
     * Check federationProviderModel of all realms and possibly start periodic sync for them
@ -177,7 +178,7 @@ public class UsersSyncManager {
                            logger.debugf("Ignored periodic full sync with federation provider %s due small time since last sync", fedProvider.getDisplayName());
                        }
                    } catch (Throwable t) {
-                        logger.errorDuringFullUserSync(t);
+                        ServicesLogger.LOGGER.errorDuringFullUserSync(t);
                    }
                }
@ -200,7 +201,7 @@ public class UsersSyncManager {
                            logger.debugf("Ignored periodic changed-users sync with federation provider %s due small time since last sync", fedProvider.getDisplayName());
                        }
                    } catch (Throwable t) {
-                        logger.errorDuringChangedUserSync(t);
+                        ServicesLogger.LOGGER.errorDuringChangedUserSync(t);
                    }
                }
--- a/services/src/main/java/org/keycloak/services/resources/AbstractSecuredLocalService.java
+++ b/services/src/main/java/org/keycloak/services/resources/AbstractSecuredLocalService.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.resources;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.spi.BadRequestException;
 import org.jboss.resteasy.spi.HttpRequest;
 import org.keycloak.AbstractOAuthClient;
@ -29,7 +30,6 @@ import org.keycloak.models.RealmModel;
 import org.keycloak.models.utils.KeycloakModelUtils;
 import org.keycloak.protocol.oidc.OIDCLoginProtocolService;
 import org.keycloak.services.ForbiddenException;
 import org.keycloak.services.ServicesLogger;
 import org.keycloak.services.managers.AppAuthManager;
 import org.keycloak.services.managers.Auth;
 import org.keycloak.services.managers.AuthenticationManager;
@ -57,7 +57,7 @@ import java.util.Set;
 * @version $Revision: 1 $
 */
 public abstract class AbstractSecuredLocalService {
-    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(AbstractSecuredLocalService.class);
    private static final String KEYCLOAK_STATE_CHECKER = "KEYCLOAK_STATE_CHECKER";
--- a/services/src/main/java/org/keycloak/services/resources/AccountService.java
+++ b/services/src/main/java/org/keycloak/services/resources/AccountService.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.resources;
 import org.jboss.logging.Logger;
 import org.keycloak.common.util.UriUtils;
 import org.keycloak.credential.CredentialModel;
 import org.keycloak.events.Details;
@ -86,7 +87,7 @@ import java.util.UUID;
 */
 public class AccountService extends AbstractSecuredLocalService {
-    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(AccountService.class);
    private static Set<String> VALID_PATHS = new HashSet<String>();
    static {
@ -643,12 +644,12 @@ public class AccountService extends AbstractSecuredLocalService {
            errorEvent.error(Errors.NOT_ALLOWED);
            return account.setError(Messages.READ_ONLY_PASSWORD).createResponse(AccountPages.PASSWORD);
        } catch (ModelException me) {
-            logger.failedToUpdatePassword(me);
+            ServicesLogger.LOGGER.failedToUpdatePassword(me);
            setReferrerOnPage();
            errorEvent.detail(Details.REASON, me.getMessage()).error(Errors.PASSWORD_REJECTED);
            return account.setError(me.getMessage(), me.getParameters()).createResponse(AccountPages.PASSWORD);
        } catch (Exception ape) {
-            logger.failedToUpdatePassword(ape);
+            ServicesLogger.LOGGER.failedToUpdatePassword(ape);
            setReferrerOnPage();
            errorEvent.detail(Details.REASON, ape.getMessage()).error(Errors.PASSWORD_REJECTED);
            return account.setError(ape.getMessage()).createResponse(AccountPages.PASSWORD);
--- a/services/src/main/java/org/keycloak/services/resources/ClientsManagementService.java
+++ b/services/src/main/java/org/keycloak/services/resources/ClientsManagementService.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.resources;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.spi.BadRequestException;
 import org.jboss.resteasy.spi.HttpRequest;
 import org.jboss.resteasy.spi.UnauthorizedException;
@ -33,7 +34,6 @@ import org.keycloak.models.RealmModel;
 import org.keycloak.protocol.oidc.utils.AuthorizeClientUtil;
 import org.keycloak.representations.idm.OAuth2ErrorRepresentation;
 import org.keycloak.services.ForbiddenException;
 import org.keycloak.services.ServicesLogger;
 import javax.ws.rs.HeaderParam;
 import javax.ws.rs.POST;
@ -53,7 +53,7 @@ import javax.ws.rs.ext.Providers;
 */
 public class ClientsManagementService {
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(ClientsManagementService.class);
    private RealmModel realm;
--- a/services/src/main/java/org/keycloak/services/resources/Cors.java
+++ b/services/src/main/java/org/keycloak/services/resources/Cors.java
@ -16,12 +16,12 @@
 */
 package org.keycloak.services.resources;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.spi.HttpRequest;
 import org.jboss.resteasy.spi.HttpResponse;
 import org.keycloak.common.util.CollectionUtil;
 import org.keycloak.models.ClientModel;
 import org.keycloak.representations.AccessToken;
 import org.keycloak.services.ServicesLogger;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.Response.ResponseBuilder;
@ -34,7 +34,7 @@ import java.util.concurrent.TimeUnit;
 * @author <a href="mailto:sthorger@redhat.com">Stian Thorgersen</a>
 */
 public class Cors {
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(Cors.class);
    public static final long DEFAULT_MAX_AGE = TimeUnit.HOURS.toSeconds(1);
    public static final String DEFAULT_ALLOW_METHODS = "GET, HEAD, OPTIONS";
--- a/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java
+++ b/services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.resources;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.spi.HttpRequest;
 import org.jboss.resteasy.spi.ResteasyProviderFactory;
 import org.keycloak.OAuth2Constants;
@ -99,7 +100,7 @@ import static org.keycloak.models.Constants.ACCOUNT_MANAGEMENT_CLIENT_ID;
 */
 public class IdentityBrokerService implements IdentityProvider.AuthenticationCallback {
-    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(IdentityBrokerService.class);
    private final RealmModel realmModel;
@ -856,7 +857,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
                    this.session.getTransactionManager().commit();
                }
            } catch (Exception e) {
-                logger.couldNotFireEvent(e);
+                ServicesLogger.LOGGER.couldNotFireEvent(e);
                rollback();
            }
        }
--- a/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java
+++ b/services/src/main/java/org/keycloak/services/resources/KeycloakApplication.java
@ -20,6 +20,7 @@ import com.fasterxml.jackson.core.type.TypeReference;
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import org.jboss.dmr.ModelNode;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.core.Dispatcher;
 import org.jboss.resteasy.spi.ResteasyProviderFactory;
 import org.keycloak.Config;
@ -87,7 +88,7 @@ public class KeycloakApplication extends Application {
    public static final String KEYCLOAK_EMBEDDED = "keycloak.embedded";
-    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(KeycloakApplication.class);
    protected boolean embedded = false;
@ -265,14 +266,14 @@ public class KeycloakApplication extends Application {
            String dmrConfig = loadDmrConfig(context);
            if (dmrConfig != null) {
                node = new ObjectMapper().readTree(dmrConfig);
-                logger.loadingFrom("standalone.xml or domain.xml");
+                ServicesLogger.LOGGER.loadingFrom("standalone.xml or domain.xml");
            }
            String configDir = System.getProperty("jboss.server.config.dir");
            if (node == null && configDir != null) {
                File f = new File(configDir + File.separator + "keycloak-server.json");
                if (f.isFile()) {
-                    logger.loadingFrom(f.getAbsolutePath());
+                    ServicesLogger.LOGGER.loadingFrom(f.getAbsolutePath());
                    node = new ObjectMapper().readTree(f);
                }
            }
@ -280,7 +281,7 @@ public class KeycloakApplication extends Application {
            if (node == null) {
                URL resource = Thread.currentThread().getContextClassLoader().getResource("META-INF/keycloak-server.json");
                if (resource != null) {
-                    logger.loadingFrom(resource);
+                    ServicesLogger.LOGGER.loadingFrom(resource);
                    node = new ObjectMapper().readTree(resource);
                }
            }
@ -370,23 +371,23 @@ public class KeycloakApplication extends Application {
                manager.setContextPath(getContextPath());
                if (rep.getId() != null && manager.getRealm(rep.getId()) != null) {
-                    logger.realmExists(rep.getRealm(), from);
+                    ServicesLogger.LOGGER.realmExists(rep.getRealm(), from);
                    exists = true;
                }
                if (manager.getRealmByName(rep.getRealm()) != null) {
-                    logger.realmExists(rep.getRealm(), from);
+                    ServicesLogger.LOGGER.realmExists(rep.getRealm(), from);
                    exists = true;
                }
                if (!exists) {
                    RealmModel realm = manager.importRealm(rep);
-                    logger.importedRealm(realm.getName(), from);
+                    ServicesLogger.LOGGER.importedRealm(realm.getName(), from);
                }
                session.getTransactionManager().commit();
            } catch (Throwable t) {
                session.getTransactionManager().rollback();
                if (!exists) {
-                    logger.unableToImportRealm(t, rep.getRealm(), from);
+                    ServicesLogger.LOGGER.unableToImportRealm(t, rep.getRealm(), from);
                }
            }
        } finally {
@ -399,14 +400,14 @@ public class KeycloakApplication extends Application {
        if (configDir != null) {
            File addUserFile = new File(configDir + File.separator + "keycloak-add-user.json");
            if (addUserFile.isFile()) {
-                logger.imprtingUsersFrom(addUserFile);
+                ServicesLogger.LOGGER.imprtingUsersFrom(addUserFile);
                List<RealmRepresentation> realms;
                try {
                    realms = JsonSerialization.readValue(new FileInputStream(addUserFile), new TypeReference<List<RealmRepresentation>>() {
                    });
                } catch (IOException e) {
-                    logger.failedToLoadUsers(e);
+                    ServicesLogger.LOGGER.failedToLoadUsers(e);
                    return;
                }
@ -418,7 +419,7 @@ public class KeycloakApplication extends Application {
                            RealmModel realm = session.realms().getRealmByName(realmRep.getRealm());
                            if (realm == null) {
-                                logger.addUserFailedRealmNotFound(userRep.getUsername(), realmRep.getRealm());
+                                ServicesLogger.LOGGER.addUserFailedRealmNotFound(userRep.getUsername(), realmRep.getRealm());
                            } else {
                                UserModel user = session.users().addUser(realm, userRep.getUsername());
                                user.setEnabled(userRep.isEnabled());
@ -427,13 +428,13 @@ public class KeycloakApplication extends Application {
                            }
                            session.getTransactionManager().commit();
-                            logger.addUserSuccess(userRep.getUsername(), realmRep.getRealm());
+                            ServicesLogger.LOGGER.addUserSuccess(userRep.getUsername(), realmRep.getRealm());
                        } catch (ModelDuplicateException e) {
                            session.getTransactionManager().rollback();
-                            logger.addUserFailedUserExists(userRep.getUsername(), realmRep.getRealm());
+                            ServicesLogger.LOGGER.addUserFailedUserExists(userRep.getUsername(), realmRep.getRealm());
                        } catch (Throwable t) {
                            session.getTransactionManager().rollback();
-                            logger.addUserFailed(t, userRep.getUsername(), realmRep.getRealm());
+                            ServicesLogger.LOGGER.addUserFailed(t, userRep.getUsername(), realmRep.getRealm());
                        } finally {
                            session.close();
                        }
@ -441,7 +442,7 @@ public class KeycloakApplication extends Application {
                }
                if (!addUserFile.delete()) {
-                    logger.failedToDeleteFile(addUserFile.getAbsolutePath());
+                    ServicesLogger.LOGGER.failedToDeleteFile(addUserFile.getAbsolutePath());
                }
            }
        }
--- a/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java
+++ b/services/src/main/java/org/keycloak/services/resources/LoginActionsService.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.resources;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.spi.HttpRequest;
 import org.keycloak.OAuth2Constants;
 import org.keycloak.authentication.AuthenticationProcessor;
@ -86,7 +87,7 @@ import java.net.URI;
 */
 public class LoginActionsService {
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(LoginActionsService.class);
    public static final String ACTION_COOKIE = "KEYCLOAK_ACTION";
    public static final String AUTHENTICATE_PATH = "authenticate";
@ -239,7 +240,7 @@ public class LoginActionsService {
                            return false;
                        }
                    } catch (Exception e) {
-                        logger.failedToParseRestartLoginCookie(e);
+                        ServicesLogger.LOGGER.failedToParseRestartLoginCookie(e);
                    }
                }
                event.error(Errors.INVALID_CODE);
@ -281,7 +282,7 @@ public class LoginActionsService {
            final UserSessionModel userSession = clientSession.getUserSession();
            if (userSession == null) {
-                logger.userSessionNull();
+                ServicesLogger.LOGGER.userSessionNull();
                event.error(Errors.USER_SESSION_NOT_FOUND);
                throw new WebApplicationException(ErrorPage.error(session, Messages.SESSION_NOT_ACTIVE));
            }
@ -579,7 +580,7 @@ public class LoginActionsService {
        String noteKey = firstBrokerLogin ? AbstractIdpAuthenticator.BROKERED_CONTEXT_NOTE : PostBrokerLoginConstants.PBL_BROKERED_IDENTITY_CONTEXT;
        SerializedBrokeredIdentityContext serializedCtx = SerializedBrokeredIdentityContext.readFromClientSession(clientSessionn, noteKey);
        if (serializedCtx == null) {
-            logger.notFoundSerializedCtxInClientSession(noteKey);
+            ServicesLogger.LOGGER.notFoundSerializedCtxInClientSession(noteKey);
            throw new WebApplicationException(ErrorPage.error(session, "Not found serialized context in clientSession."));
        }
        BrokeredIdentityContext brokerContext = serializedCtx.deserialize(session, clientSessionn);
@ -587,12 +588,12 @@ public class LoginActionsService {
        String flowId = firstBrokerLogin ? brokerContext.getIdpConfig().getFirstBrokerLoginFlowId() : brokerContext.getIdpConfig().getPostBrokerLoginFlowId();
        if (flowId == null) {
-            logger.flowNotConfigForIDP(identityProviderAlias);
+            ServicesLogger.LOGGER.flowNotConfigForIDP(identityProviderAlias);
            throw new WebApplicationException(ErrorPage.error(session, "Flow not configured for identity provider"));
        }
        AuthenticationFlowModel brokerLoginFlow = realm.getAuthenticationFlowById(flowId);
        if (brokerLoginFlow == null) {
-            logger.flowNotFoundForIDP(flowId, identityProviderAlias);
+            ServicesLogger.LOGGER.flowNotFoundForIDP(flowId, identityProviderAlias);
            throw new WebApplicationException(ErrorPage.error(session, "Flow not found for identity provider"));
        }
@ -702,7 +703,7 @@ public class LoginActionsService {
            ClientSessionCode accessCode = checks.clientCode;
            ClientSessionModel clientSession = accessCode.getClientSession();
            if (!ClientSessionModel.Action.VERIFY_EMAIL.name().equals(clientSession.getNote(AuthenticationManager.CURRENT_REQUIRED_ACTION))) {
-                logger.reqdActionDoesNotMatch();
+                ServicesLogger.LOGGER.reqdActionDoesNotMatch();
                event.error(Errors.INVALID_CODE);
                throw new WebApplicationException(ErrorPage.error(session, Messages.STALE_VERIFY_EMAIL_LINK));
            }
@ -715,7 +716,7 @@ public class LoginActionsService {
            String keyFromSession = clientSession.getNote(Constants.VERIFY_EMAIL_KEY);
            clientSession.removeNote(Constants.VERIFY_EMAIL_KEY);
            if (!key.equals(keyFromSession)) {
-                logger.invalidKeyForEmailVerification();
+                ServicesLogger.LOGGER.invalidKeyForEmailVerification();
                event.error(Errors.INVALID_USER_CREDENTIALS);
                throw new WebApplicationException(ErrorPage.error(session, Messages.INVALID_CODE));
            }
@ -859,7 +860,7 @@ public class LoginActionsService {
        RequiredActionFactory factory = (RequiredActionFactory)session.getKeycloakSessionFactory().getProviderFactory(RequiredActionProvider.class, action);
        if (factory == null) {
-            logger.actionProviderNull();
+            ServicesLogger.LOGGER.actionProviderNull();
            event.error(Errors.INVALID_CODE);
            throw new WebApplicationException(ErrorPage.error(session, Messages.INVALID_CODE));
        }
--- a/services/src/main/java/org/keycloak/services/resources/PublicRealmResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/PublicRealmResource.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.resources;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.annotations.cache.NoCache;
 import org.jboss.resteasy.spi.HttpRequest;
 import org.jboss.resteasy.spi.HttpResponse;
@ -24,7 +25,6 @@ import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.RealmModel;
 import org.keycloak.protocol.oidc.OIDCLoginProtocolService;
 import org.keycloak.representations.idm.PublishedRealmRepresentation;
 import org.keycloak.services.ServicesLogger;
 import org.keycloak.services.resources.admin.AdminRoot;
 import javax.ws.rs.GET;
@ -43,7 +43,7 @@ import javax.ws.rs.core.UriInfo;
 * @version $Revision: 1 $
 */
 public class PublicRealmResource {
-    protected static final  ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    protected static final Logger logger = Logger.getLogger(PublicRealmResource.class);
    @Context
    protected UriInfo uriInfo;
--- a/services/src/main/java/org/keycloak/services/resources/RealmsResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/RealmsResource.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.resources;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.spi.HttpRequest;
 import org.jboss.resteasy.spi.ResteasyProviderFactory;
 import org.keycloak.authorization.AuthorizationProvider;
@ -29,7 +30,6 @@ import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.RealmModel;
 import org.keycloak.protocol.LoginProtocol;
 import org.keycloak.protocol.LoginProtocolFactory;
 import org.keycloak.services.ServicesLogger;
 import org.keycloak.services.clientregistration.ClientRegistrationService;
 import org.keycloak.services.managers.RealmManager;
 import org.keycloak.services.resource.RealmResourceProvider;
@ -57,7 +57,7 @@ import java.net.URI;
 */
@Path("/realms")
 public class RealmsResource {
-    protected static ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    protected static final Logger logger = Logger.getLogger(RealmsResource.class);
    @Context
    protected KeycloakSession session;
--- a/services/src/main/java/org/keycloak/services/resources/ServerVersionResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/ServerVersionResource.java
@ -16,11 +16,11 @@
 */
 package org.keycloak.services.resources;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.annotations.cache.NoCache;
 import org.jboss.resteasy.spi.HttpRequest;
 import org.jboss.resteasy.spi.HttpResponse;
 import org.keycloak.representations.VersionRepresentation;
 import org.keycloak.services.ServicesLogger;
 import javax.ws.rs.GET;
 import javax.ws.rs.OPTIONS;
@ -37,7 +37,7 @@ import javax.ws.rs.core.Response;
@Path("/version")
 public class ServerVersionResource {
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    protected static final Logger logger = Logger.getLogger(ServerVersionResource.class);
    @Context
    protected HttpRequest request;
--- a/services/src/main/java/org/keycloak/services/resources/ThemeResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/ThemeResource.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.resources;
 import org.jboss.logging.Logger;
 import org.keycloak.common.Version;
 import org.keycloak.common.util.MimeTypeUtil;
 import org.keycloak.models.KeycloakSession;
@ -39,7 +40,7 @@ import java.io.InputStream;
@Path("/resources")
 public class ThemeResource {
-    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    protected static final Logger logger = Logger.getLogger(ThemeResource.class);
    @Context
    private KeycloakSession session;
@ -69,7 +70,7 @@ public class ThemeResource {
                return Response.status(Response.Status.NOT_FOUND).build();
            }
        } catch (Exception e) {
-            logger.failedToGetThemeRequest(e);
+            ServicesLogger.LOGGER.failedToGetThemeRequest(e);
            return Response.serverError().build();
        }
    }
--- a/services/src/main/java/org/keycloak/services/resources/WelcomeResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/WelcomeResource.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.resources;
 import org.jboss.logging.Logger;
 import org.keycloak.Config;
 import org.keycloak.common.ClientConnection;
 import org.keycloak.common.util.MimeTypeUtil;
@ -63,7 +64,7 @@ import java.util.Map;
@Path("/")
 public class WelcomeResource {
-    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    protected static final Logger logger = Logger.getLogger(WelcomeResource.class);
    private static final String KEYCLOAK_STATE_CHECKER = "KEYCLOAK_STATE_CHECKER";
@ -110,7 +111,7 @@ public class WelcomeResource {
            return createWelcomePage(null, null);
        } else {
            if (!isLocal()) {
-                logger.rejectedNonLocalAttemptToCreateInitialUser(session.getContext().getConnection().getRemoteAddr());
+                ServicesLogger.LOGGER.rejectedNonLocalAttemptToCreateInitialUser(session.getContext().getConnection().getRemoteAddr());
                throw new WebApplicationException(Response.Status.BAD_REQUEST);
            }
@ -139,10 +140,10 @@ public class WelcomeResource {
                bootstrap = false;
                applianceBootstrap.createMasterRealmUser(username, password);
-                logger.createdInitialAdminUser(username);
+                ServicesLogger.LOGGER.createdInitialAdminUser(username);
                return createWelcomePage("User created", null);
            } else {
-                logger.initialUserAlreadyCreated();
+                ServicesLogger.LOGGER.initialUserAlreadyCreated();
                return createWelcomePage(null, "Users already exists");
            }
        }
--- a/services/src/main/java/org/keycloak/services/resources/admin/AdminConsole.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/AdminConsole.java
@ -17,6 +17,7 @@
 package org.keycloak.services.resources.admin;
 import com.fasterxml.jackson.annotation.JsonProperty;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.annotations.cache.NoCache;
 import org.jboss.resteasy.spi.HttpRequest;
 import org.jboss.resteasy.spi.HttpResponse;
@ -32,7 +33,6 @@ import org.keycloak.models.RealmModel;
 import org.keycloak.models.RoleModel;
 import org.keycloak.models.UserModel;
 import org.keycloak.protocol.oidc.OIDCLoginProtocolService;
 import org.keycloak.services.ServicesLogger;
 import org.keycloak.services.Urls;
 import org.keycloak.services.managers.AppAuthManager;
 import org.keycloak.services.managers.AuthenticationManager;
@ -70,7 +70,7 @@ import java.util.Set;
 * @version $Revision: 1 $
 */
 public class AdminConsole {
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    protected static final Logger logger = Logger.getLogger(AdminConsole.class);
    @Context
    protected UriInfo uriInfo;
--- a/services/src/main/java/org/keycloak/services/resources/admin/AdminEventBuilder.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/AdminEventBuilder.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.resources.admin;
 import org.jboss.logging.Logger;
 import org.keycloak.common.ClientConnection;
 import org.keycloak.common.util.Time;
 import org.keycloak.events.EventListenerProvider;
@ -38,7 +39,7 @@ import java.util.List;
 public class AdminEventBuilder {
-    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    protected static final Logger logger = Logger.getLogger(AdminEventBuilder.class);
    private EventStoreProvider store;
    private List<EventListenerProvider> listeners;
@ -54,7 +55,7 @@ public class AdminEventBuilder {
            if (store != null) {
                this.store = store;
            } else {
-                logger.noEventStoreProvider();
+                ServicesLogger.LOGGER.noEventStoreProvider();
            }
        }
@ -65,7 +66,7 @@ public class AdminEventBuilder {
                if (listener != null) {
                    listeners.add(listener);
                } else {
-                    logger.providerNotFound(id);
+                    ServicesLogger.LOGGER.providerNotFound(id);
                }
            }
        }
@ -214,7 +215,7 @@ public class AdminEventBuilder {
            try {
                store.onEvent(adminEvent, includeRepresentation);
            } catch (Throwable t) {
-                logger.failedToSaveEvent(t);
+                ServicesLogger.LOGGER.failedToSaveEvent(t);
            }
        }
@ -223,7 +224,7 @@ public class AdminEventBuilder {
                try {
                    l.onEvent(adminEvent, includeRepresentation);
                } catch (Throwable t) {
-                    logger.failedToSendType(t, l);
+                    ServicesLogger.LOGGER.failedToSendType(t, l);
                }
            }
        }
--- a/services/src/main/java/org/keycloak/services/resources/admin/AdminRoot.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/AdminRoot.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.resources.admin;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.spi.HttpRequest;
 import org.jboss.resteasy.spi.HttpResponse;
 import org.jboss.resteasy.spi.NoLogWebApplicationException;
@ -32,7 +33,6 @@ import org.keycloak.models.RealmModel;
 import org.keycloak.protocol.oidc.TokenManager;
 import org.keycloak.representations.AccessToken;
 import org.keycloak.services.ForbiddenException;
 import org.keycloak.services.ServicesLogger;
 import org.keycloak.services.managers.AppAuthManager;
 import org.keycloak.services.managers.AuthenticationManager;
 import org.keycloak.services.managers.RealmManager;
@ -61,7 +61,7 @@ import java.util.Properties;
 */
@Path("/admin")
 public class AdminRoot {
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    protected static final Logger logger = Logger.getLogger(AdminRoot.class);
    @Context
    protected UriInfo uriInfo;
--- a/services/src/main/java/org/keycloak/services/resources/admin/AttackDetectionResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/AttackDetectionResource.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.resources.admin;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.annotations.cache.NoCache;
 import org.keycloak.common.ClientConnection;
 import org.keycloak.events.admin.OperationType;
@ -24,7 +25,6 @@ import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.RealmModel;
 import org.keycloak.models.UserLoginFailureModel;
 import org.keycloak.models.UserModel;
 import org.keycloak.services.ServicesLogger;
 import org.keycloak.services.managers.BruteForceProtector;
 import javax.ws.rs.DELETE;
@ -46,7 +46,7 @@ import java.util.Map;
 * @version $Revision: 1 $
 */
 public class AttackDetectionResource {
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    protected static final Logger logger = Logger.getLogger(AttackDetectionResource.class);
    protected RealmAuth auth;
    protected RealmModel realm;
    private AdminEventBuilder adminEvent;
--- a/services/src/main/java/org/keycloak/services/resources/admin/AuthenticationManagementResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/AuthenticationManagementResource.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.resources.admin;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.annotations.cache.NoCache;
 import org.jboss.resteasy.spi.BadRequestException;
 import org.jboss.resteasy.spi.NotFoundException;
@ -48,7 +49,6 @@ import org.keycloak.representations.idm.AuthenticatorConfigRepresentation;
 import org.keycloak.representations.idm.ConfigPropertyRepresentation;
 import org.keycloak.representations.idm.RequiredActionProviderRepresentation;
 import org.keycloak.services.ErrorResponse;
 import org.keycloak.services.ServicesLogger;
 import org.keycloak.utils.CredentialHelper;
 import javax.ws.rs.Consumes;
@ -83,7 +83,7 @@ public class AuthenticationManagementResource {
    @Context
    private UriInfo uriInfo;
-    private static ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    protected static final Logger logger = Logger.getLogger(AuthenticationManagementResource.class);
    public AuthenticationManagementResource(RealmModel realm, KeycloakSession session, RealmAuth auth, AdminEventBuilder adminEvent) {
        this.realm = realm;
--- a/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientResource.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.resources.admin;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.annotations.cache.NoCache;
 import org.jboss.resteasy.spi.BadRequestException;
 import org.jboss.resteasy.spi.ResteasyProviderFactory;
@ -43,9 +44,7 @@ import org.keycloak.representations.idm.UserRepresentation;
 import org.keycloak.representations.idm.UserSessionRepresentation;
 import org.keycloak.services.ErrorResponse;
 import org.keycloak.services.ErrorResponseException;
 import org.keycloak.services.ServicesLogger;
 import org.keycloak.services.clientregistration.ClientRegistrationTokenUtils;
 import org.keycloak.services.clientregistration.RegistrationAccessToken;
 import org.keycloak.services.clientregistration.policy.RegistrationAuth;
 import org.keycloak.services.managers.ClientManager;
 import org.keycloak.services.managers.RealmManager;
@ -86,7 +85,7 @@ import static java.lang.Boolean.TRUE;
 * @version $Revision: 1 $
 */
 public class ClientResource {
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    protected static final Logger logger = Logger.getLogger(ClientResource.class);
    protected RealmModel realm;
    private RealmAuth auth;
    private AdminEventBuilder adminEvent;
--- a/services/src/main/java/org/keycloak/services/resources/admin/ClientRoleMappingsResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientRoleMappingsResource.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.resources.admin;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.annotations.cache.NoCache;
 import org.jboss.resteasy.spi.NotFoundException;
 import org.keycloak.events.admin.OperationType;
@ -29,7 +30,6 @@ import org.keycloak.models.RoleModel;
 import org.keycloak.models.utils.ModelToRepresentation;
 import org.keycloak.representations.idm.RoleRepresentation;
 import org.keycloak.services.ErrorResponseException;
 import org.keycloak.services.ServicesLogger;
 import javax.ws.rs.Consumes;
 import javax.ws.rs.DELETE;
@ -53,7 +53,7 @@ import java.util.Set;
 * @version $Revision: 1 $
 */
 public class ClientRoleMappingsResource {
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    protected static final Logger logger = Logger.getLogger(ClientRoleMappingsResource.class);
    protected KeycloakSession session;
    protected RealmModel realm;
--- a/services/src/main/java/org/keycloak/services/resources/admin/ClientTemplateResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientTemplateResource.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.resources.admin;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.annotations.cache.NoCache;
 import org.jboss.resteasy.spi.NotFoundException;
 import org.jboss.resteasy.spi.ResteasyProviderFactory;
@ -30,7 +31,6 @@ import org.keycloak.models.utils.ModelToRepresentation;
 import org.keycloak.models.utils.RepresentationToModel;
 import org.keycloak.representations.idm.ClientTemplateRepresentation;
 import org.keycloak.services.ErrorResponse;
 import org.keycloak.services.ServicesLogger;
 import org.keycloak.services.resources.KeycloakApplication;
 import javax.ws.rs.Consumes;
@ -52,7 +52,7 @@ import javax.ws.rs.core.UriInfo;
 * @version $Revision: 1 $
 */
 public class ClientTemplateResource {
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    protected static final Logger logger = Logger.getLogger(ClientTemplateResource.class);
    protected RealmModel realm;
    private RealmAuth auth;
    private AdminEventBuilder adminEvent;
--- a/services/src/main/java/org/keycloak/services/resources/admin/ClientTemplatesResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientTemplatesResource.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.resources.admin;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.annotations.cache.NoCache;
 import org.jboss.resteasy.spi.ResteasyProviderFactory;
 import org.keycloak.events.admin.OperationType;
@ -28,7 +29,6 @@ import org.keycloak.models.utils.ModelToRepresentation;
 import org.keycloak.models.utils.RepresentationToModel;
 import org.keycloak.representations.idm.ClientTemplateRepresentation;
 import org.keycloak.services.ErrorResponse;
 import org.keycloak.services.ServicesLogger;
 import javax.ws.rs.Consumes;
 import javax.ws.rs.GET;
@ -50,7 +50,7 @@ import java.util.List;
 * @version $Revision: 1 $
 */
 public class ClientTemplatesResource {
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    protected static final Logger logger = Logger.getLogger(ClientTemplatesResource.class);
    protected RealmModel realm;
    private RealmAuth auth;
    private AdminEventBuilder adminEvent;
--- a/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/ClientsResource.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.resources.admin;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.annotations.cache.NoCache;
 import org.jboss.resteasy.spi.ResteasyProviderFactory;
 import org.keycloak.events.admin.OperationType;
@ -28,7 +29,6 @@ import org.keycloak.models.utils.ModelToRepresentation;
 import org.keycloak.representations.idm.ClientRepresentation;
 import org.keycloak.services.ErrorResponse;
 import org.keycloak.services.ErrorResponseException;
 import org.keycloak.services.ServicesLogger;
 import org.keycloak.services.managers.ClientManager;
 import org.keycloak.services.validation.ClientValidator;
 import org.keycloak.services.validation.PairwiseClientValidator;
@ -56,7 +56,7 @@ import java.util.Properties;
 * @version $Revision: 1 $
 */
 public class ClientsResource {
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    protected static final Logger logger = Logger.getLogger(ClientsResource.class);
    protected RealmModel realm;
    private RealmAuth auth;
    private AdminEventBuilder adminEvent;
--- a/services/src/main/java/org/keycloak/services/resources/admin/ComponentResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/ComponentResource.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.resources.admin;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.spi.NotFoundException;
 import org.keycloak.common.ClientConnection;
 import org.keycloak.component.ComponentModel;
@ -27,7 +28,6 @@ import org.keycloak.models.utils.ModelToRepresentation;
 import org.keycloak.models.utils.RepresentationToModel;
 import org.keycloak.representations.idm.ComponentRepresentation;
 import org.keycloak.services.ErrorResponse;
 import org.keycloak.services.ServicesLogger;
 import javax.ws.rs.Consumes;
 import javax.ws.rs.DELETE;
@ -52,7 +52,7 @@ import java.util.List;
 * @version $Revision: 1 $
 */
 public class ComponentResource {
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    protected static final Logger logger = Logger.getLogger(ComponentResource.class);
    protected RealmModel realm;
--- a/services/src/main/java/org/keycloak/services/resources/admin/IdentityProviderResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/IdentityProviderResource.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.resources.admin;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.annotations.cache.NoCache;
 import org.jboss.resteasy.spi.NotFoundException;
 import org.keycloak.broker.provider.IdentityProvider;
@ -41,7 +42,6 @@ import org.keycloak.representations.idm.IdentityProviderMapperRepresentation;
 import org.keycloak.representations.idm.IdentityProviderMapperTypeRepresentation;
 import org.keycloak.representations.idm.IdentityProviderRepresentation;
 import org.keycloak.services.ErrorResponse;
 import org.keycloak.services.ServicesLogger;
 import javax.ws.rs.Consumes;
 import javax.ws.rs.DELETE;
@ -67,7 +67,7 @@ import java.util.Map;
 */
 public class IdentityProviderResource {
-    private static ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    protected static final Logger logger = Logger.getLogger(IdentityProviderResource.class);
    private final RealmAuth auth;
    private final RealmModel realm;
--- a/services/src/main/java/org/keycloak/services/resources/admin/ProtocolMappersResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/ProtocolMappersResource.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.resources.admin;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.annotations.cache.NoCache;
 import org.jboss.resteasy.spi.NotFoundException;
 import org.keycloak.events.admin.OperationType;
@ -32,7 +33,6 @@ import org.keycloak.protocol.ProtocolMapperConfigException;
 import org.keycloak.representations.idm.ProtocolMapperRepresentation;
 import org.keycloak.services.ErrorResponse;
 import org.keycloak.services.ErrorResponseException;
 import org.keycloak.services.ServicesLogger;
 import org.keycloak.services.resources.admin.RealmAuth.Resource;
 import javax.ws.rs.Consumes;
@ -59,7 +59,7 @@ import java.util.Properties;
 * @version $Revision: 1 $
 */
 public class ProtocolMappersResource {
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    protected static final Logger logger = Logger.getLogger(ProtocolMappersResource.class);
    protected RealmModel realm;
--- a/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/RealmAdminResource.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.resources.admin;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.annotations.cache.NoCache;
 import org.jboss.resteasy.spi.BadRequestException;
 import org.jboss.resteasy.spi.NotFoundException;
@ -54,24 +55,18 @@ import org.keycloak.provider.ProviderFactory;
 import org.keycloak.representations.adapters.action.GlobalRequestResult;
 import org.keycloak.representations.idm.AdminEventRepresentation;
 import org.keycloak.representations.idm.ClientRepresentation;
 import org.keycloak.representations.idm.ComponentTypeRepresentation;
 import org.keycloak.representations.idm.EventRepresentation;
 import org.keycloak.representations.idm.GroupRepresentation;
 import org.keycloak.representations.idm.PartialImportRepresentation;
 import org.keycloak.representations.idm.RealmEventsConfigRepresentation;
 import org.keycloak.representations.idm.RealmRepresentation;
 import org.keycloak.representations.info.SpiInfoRepresentation;
 import org.keycloak.services.ErrorResponse;
 import org.keycloak.services.ServicesLogger;
 import org.keycloak.services.clientregistration.policy.ClientRegistrationPolicy;
 import org.keycloak.services.clientregistration.policy.ClientRegistrationPolicySpi;
 import org.keycloak.services.managers.AuthenticationManager;
 import org.keycloak.services.managers.LDAPConnectionTestManager;
 import org.keycloak.services.managers.RealmManager;
 import org.keycloak.services.managers.ResourceAdminManager;
 import org.keycloak.services.managers.UsersSyncManager;
 import org.keycloak.services.resources.admin.RealmAuth.Resource;
 import org.keycloak.services.resources.admin.info.ServerInfoAdminResource;
 import javax.ws.rs.Consumes;
 import javax.ws.rs.DELETE;
@ -106,7 +101,7 @@ import java.util.regex.PatternSyntaxException;
 * @version $Revision: 1 $
 */
 public class RealmAdminResource {
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    protected static final Logger logger = Logger.getLogger(RealmAdminResource.class);
    protected RealmAuth auth;
    protected RealmModel realm;
    private TokenManager tokenManager;
--- a/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/RealmsAdminResource.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.resources.admin;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.annotations.cache.NoCache;
 import org.jboss.resteasy.spi.NotFoundException;
 import org.jboss.resteasy.spi.ResteasyProviderFactory;
@ -31,7 +32,6 @@ import org.keycloak.protocol.oidc.TokenManager;
 import org.keycloak.representations.idm.RealmRepresentation;
 import org.keycloak.services.ErrorResponse;
 import org.keycloak.services.ForbiddenException;
 import org.keycloak.services.ServicesLogger;
 import org.keycloak.services.managers.RealmManager;
 import org.keycloak.services.resources.KeycloakApplication;
@ -58,7 +58,7 @@ import java.util.List;
 * @version $Revision: 1 $
 */
 public class RealmsAdminResource {
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    protected static final Logger logger = Logger.getLogger(RealmsAdminResource.class);
    protected AdminAuth auth;
    protected TokenManager tokenManager;
--- a/services/src/main/java/org/keycloak/services/resources/admin/RoleByIdResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/RoleByIdResource.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.resources.admin;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.annotations.cache.NoCache;
 import org.jboss.resteasy.spi.NotFoundException;
 import org.keycloak.events.admin.OperationType;
@ -26,7 +27,6 @@ import org.keycloak.models.RealmModel;
 import org.keycloak.models.RoleModel;
 import org.keycloak.models.UserModel;
 import org.keycloak.representations.idm.RoleRepresentation;
 import org.keycloak.services.ServicesLogger;
 import javax.ws.rs.Consumes;
 import javax.ws.rs.DELETE;
@ -49,7 +49,7 @@ import java.util.Set;
 * @version $Revision: 1 $
 */
 public class RoleByIdResource extends RoleResource {
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    protected static final Logger logger = Logger.getLogger(RoleByIdResource.class);
    private final RealmModel realm;
    private final RealmAuth auth;
    private AdminEventBuilder adminEvent;
--- a/services/src/main/java/org/keycloak/services/resources/admin/RoleMapperResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/RoleMapperResource.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.resources.admin;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.annotations.cache.NoCache;
 import org.jboss.resteasy.spi.NotFoundException;
 import org.keycloak.common.ClientConnection;
@ -32,7 +33,6 @@ import org.keycloak.representations.idm.ClientMappingsRepresentation;
 import org.keycloak.representations.idm.MappingsRepresentation;
 import org.keycloak.representations.idm.RoleRepresentation;
 import org.keycloak.services.ErrorResponseException;
 import org.keycloak.services.ServicesLogger;
 import org.keycloak.services.managers.RealmManager;
 import javax.ws.rs.Consumes;
@ -63,7 +63,7 @@ import java.util.Set;
 * @version $Revision: 1 $
 */
 public class RoleMapperResource {
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    protected static final Logger logger = Logger.getLogger(RoleMapperResource.class);
    protected RealmModel realm;
--- a/services/src/main/java/org/keycloak/services/resources/admin/UserFederationProviderResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/UserFederationProviderResource.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.resources.admin;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.annotations.cache.NoCache;
 import org.jboss.resteasy.spi.NotFoundException;
 import org.keycloak.events.admin.OperationType;
@ -71,7 +72,7 @@ import java.util.Properties;
 */
 public class UserFederationProviderResource {
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(UserFederationProviderResource.class);
    private final KeycloakSession session;
    private final RealmModel realm;
@ -118,7 +119,7 @@ public class UserFederationProviderResource {
        new UsersSyncManager().notifyToRefreshPeriodicSync(session, realm, model, false);
        boolean kerberosCredsAdded = UserFederationProvidersResource.checkKerberosCredential(session, realm, model);
        if (kerberosCredsAdded) {
-            logger.addedKerberosToRealmCredentials();
+            ServicesLogger.LOGGER.addedKerberosToRealmCredentials();
        }
        adminEvent.operation(OperationType.UPDATE).resourcePath(uriInfo).representation(rep).success();
@ -410,7 +411,7 @@ public class UserFederationProviderResource {
        UserFederationProviderFactory providerFactory = (UserFederationProviderFactory) session.getKeycloakSessionFactory().getProviderFactory(UserFederationProvider.class, providerModel.getProviderName());
        UserFederationProvider federationProvider = providerFactory.getInstance(session, providerModel);
-        logger.syncingDataForMapper(mapperModel.getName(), mapperModel.getFederationMapperType(), direction);
+        ServicesLogger.LOGGER.syncingDataForMapper(mapperModel.getName(), mapperModel.getFederationMapperType(), direction);
        UserFederationSyncResult syncResult;
        if ("fedToKeycloak".equals(direction)) {
--- a/services/src/main/java/org/keycloak/services/resources/admin/UserFederationProvidersResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/UserFederationProvidersResource.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.resources.admin;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.annotations.cache.NoCache;
 import org.jboss.resteasy.spi.NotFoundException;
 import org.jboss.resteasy.spi.ResteasyProviderFactory;
@ -67,7 +68,7 @@ import java.util.Properties;
 * @version $Revision: 1 $
 */
 public class UserFederationProvidersResource {
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(UserFederationProvidersResource.class);
    protected RealmModel realm;
@ -208,7 +209,7 @@ public class UserFederationProvidersResource {
        new UsersSyncManager().notifyToRefreshPeriodicSync(session, realm, model, false);
        boolean kerberosCredsAdded = checkKerberosCredential(session, realm, model);
        if (kerberosCredsAdded) {
-            logger.addedKerberosToRealmCredentials();
+            ServicesLogger.LOGGER.addedKerberosToRealmCredentials();
        }
        rep.setId(model.getId());
--- a/services/src/main/java/org/keycloak/services/resources/admin/UserStorageProviderResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/UserStorageProviderResource.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.resources.admin;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.annotations.cache.NoCache;
 import org.jboss.resteasy.spi.NotFoundException;
 import org.keycloak.common.ClientConnection;
@ -23,7 +24,6 @@ import org.keycloak.component.ComponentModel;
 import org.keycloak.events.admin.OperationType;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.RealmModel;
 import org.keycloak.services.ServicesLogger;
 import org.keycloak.services.managers.UserStorageSyncManager;
 import org.keycloak.storage.UserStorageProvider;
 import org.keycloak.storage.UserStorageProviderModel;
@ -46,7 +46,7 @@ import java.util.Map;
 * @version $Revision: 1 $
 */
 public class UserStorageProviderResource {
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(UserStorageProviderResource.class);
    protected RealmModel realm;
--- a/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java
+++ b/services/src/main/java/org/keycloak/services/resources/admin/UsersResource.java
@ -16,6 +16,7 @@
 */
 package org.keycloak.services.resources.admin;
 import org.jboss.logging.Logger;
 import org.jboss.resteasy.annotations.cache.NoCache;
 import org.jboss.resteasy.spi.BadRequestException;
 import org.jboss.resteasy.spi.NotFoundException;
@ -107,7 +108,7 @@ import java.util.concurrent.TimeUnit;
 * @version $Revision: 1 $
 */
 public class UsersResource {
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(UsersResource.class);
    protected RealmModel realm;
@ -859,7 +860,7 @@ public class UsersResource {
            return Response.ok().build();
        } catch (EmailException e) {
-            logger.failedToSendActionsEmail(e);
+            ServicesLogger.LOGGER.failedToSendActionsEmail(e);
            return ErrorResponse.error("Failed to send execute actions email", Response.Status.INTERNAL_SERVER_ERROR);
        }
    }
--- a/services/src/main/java/org/keycloak/services/scheduled/ClusterAwareScheduledTaskRunner.java
+++ b/services/src/main/java/org/keycloak/services/scheduled/ClusterAwareScheduledTaskRunner.java
@ -17,6 +17,7 @@
 package org.keycloak.services.scheduled;
 import org.jboss.logging.Logger;
 import org.keycloak.cluster.ClusterProvider;
 import org.keycloak.cluster.ExecutionResult;
 import org.keycloak.models.KeycloakSession;
@ -32,6 +33,8 @@ import java.util.concurrent.Callable;
 */
 public class ClusterAwareScheduledTaskRunner extends ScheduledTaskRunner {
    private static final Logger logger = Logger.getLogger(ClusterAwareScheduledTaskRunner.class);
    private final int intervalSecs;
    public ClusterAwareScheduledTaskRunner(KeycloakSessionFactory sessionFactory, ScheduledTask task, long intervalMillis) {
--- a/services/src/main/java/org/keycloak/services/scheduled/ScheduledTaskRunner.java
+++ b/services/src/main/java/org/keycloak/services/scheduled/ScheduledTaskRunner.java
@ -17,6 +17,7 @@
 package org.keycloak.services.scheduled;
 import org.jboss.logging.Logger;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.KeycloakSessionFactory;
 import org.keycloak.services.ServicesLogger;
@ -27,7 +28,7 @@ import org.keycloak.timer.ScheduledTask;
 */
 public class ScheduledTaskRunner implements Runnable {
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(ScheduledTaskRunner.class);
    protected final KeycloakSessionFactory sessionFactory;
    protected final ScheduledTask task;
@ -43,14 +44,14 @@ public class ScheduledTaskRunner implements Runnable {
        try {
            runTask(session);
        } catch (Throwable t) {
-            logger.failedToRunScheduledTask(t, task.getClass().getSimpleName());
+            ServicesLogger.LOGGER.failedToRunScheduledTask(t, task.getClass().getSimpleName());
            session.getTransactionManager().rollback();
        } finally {
            try {
                session.close();
            } catch (Throwable t) {
-                logger.failedToCloseProviderSession(t);
+                ServicesLogger.LOGGER.failedToCloseProviderSession(t);
            }
        }
    }
--- a/services/src/main/java/org/keycloak/transaction/JBossJtaTransactionManagerLookup.java
+++ b/services/src/main/java/org/keycloak/transaction/JBossJtaTransactionManagerLookup.java
@ -16,9 +16,9 @@
 */
 package org.keycloak.transaction;
 import org.jboss.logging.Logger;
 import org.keycloak.Config;
 import org.keycloak.models.KeycloakSessionFactory;
 import org.keycloak.services.ServicesLogger;
 import javax.naming.InitialContext;
 import javax.naming.NamingException;
@ -29,7 +29,7 @@ import javax.transaction.TransactionManager;
 * @version $Revision: 1 $
 */
 public class JBossJtaTransactionManagerLookup implements JtaTransactionManagerLookup {
-    private static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(JBossJtaTransactionManagerLookup.class);
    private TransactionManager tm;
    @Override
--- a/services/src/main/java/org/keycloak/utils/CredentialHelper.java
+++ b/services/src/main/java/org/keycloak/utils/CredentialHelper.java
@ -17,6 +17,7 @@
 package org.keycloak.utils;
 import org.jboss.logging.Logger;
 import org.keycloak.authentication.Authenticator;
 import org.keycloak.authentication.AuthenticatorFactory;
 import org.keycloak.authentication.ClientAuthenticator;
@ -28,7 +29,6 @@ import org.keycloak.models.AuthenticationExecutionModel;
 import org.keycloak.models.AuthenticationFlowModel;
 import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.RealmModel;
 import org.keycloak.services.ServicesLogger;
 /**
 * used to set an execution a state based on type.
@ -38,7 +38,7 @@ import org.keycloak.services.ServicesLogger;
 */
 public class CredentialHelper {
-    protected static final ServicesLogger logger = ServicesLogger.ROOT_LOGGER;
+    private static final Logger logger = Logger.getLogger(CredentialHelper.class);
    public static void setRequiredCredential(KeycloakSession session, String type, RealmModel realm) {
        AuthenticationExecutionModel.Requirement requirement = AuthenticationExecutionModel.Requirement.REQUIRED;