Index: lams_common/src/java/org/lamsfoundation/lams/integration/security/SsoHandler.java
===================================================================
diff -u -rfd43a187f3eba4f64c02caf4ba1fcd86c3255883 -r3128a284bb6912434230a267f5bc17a4ab03ca67
--- lams_common/src/java/org/lamsfoundation/lams/integration/security/SsoHandler.java (.../SsoHandler.java) (revision fd43a187f3eba4f64c02caf4ba1fcd86c3255883)
+++ lams_common/src/java/org/lamsfoundation/lams/integration/security/SsoHandler.java (.../SsoHandler.java) (revision 3128a284bb6912434230a267f5bc17a4ab03ca67)
@@ -31,13 +31,13 @@
 import org.apache.commons.lang.StringUtils;
 import org.apache.commons.lang.math.NumberUtils;
-import org.apache.log4j.Logger;
 import org.lamsfoundation.lams.usermanagement.User;
 import org.lamsfoundation.lams.usermanagement.dto.UserDTO;
 import org.lamsfoundation.lams.usermanagement.service.IUserManagementService;
 import org.lamsfoundation.lams.usermanagement.service.UserManagementService;
 import org.lamsfoundation.lams.util.Configuration;
 import org.lamsfoundation.lams.util.ConfigurationKeys;
+import org.lamsfoundation.lams.util.audit.IAuditService;
 import org.lamsfoundation.lams.web.session.SessionManager;
 import org.lamsfoundation.lams.web.util.AttributeNames;
 import org.springframework.web.context.WebApplicationContext;
@@ -59,7 +59,7 @@
 *
 */
 public class SsoHandler implements ServletExtension {
- private static Logger log = Logger.getLogger(SsoHandler.class);
+ private static IAuditService auditService = null;
 private static IUserManagementService userManagementService = null;
 protected static final String SESSION_KEY = "io.undertow.servlet.form.auth.redirect.location";
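Review bot: The new `auditService` field in the `@@ -59` hunk is a plain static that an instance method assigns lazily (`getAuditService`, added in the `@@ -268` hunk) with no `volatile` and no synchronization, so concurrent first logins can each run the bean lookup and the write is not guaranteed to be visible to other request threads. Declaring it `private static volatile IAuditService auditService;` keeps the lazy pattern and makes the publication safe. The same hunk removes the `log` field, which leaves this authentication path without a diagnostic channel for errors that are not audit events; that may be intended, but the rest of the class is outside the hunk.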
@@ -106,16 +106,13 @@
 response.sendRedirect("/lams/login.jsp?failed=true");
 return;
 }
+ UserDTO userDTO = user.getUserDTO();
 String password = request.getParameter("j_password");
 if (user.getLockOutTime() != null && user.getLockOutTime().getTime() > System.currentTimeMillis() && password != null && !password.startsWith("#LAMS")) {
 response.sendRedirect("/lams/login.jsp?lockedOut=true");
- log.debug(user.getFirstName() + " is logged out for " + Configuration.getAsInt(ConfigurationKeys.LOCK_OUT_TIME)
- + " mins after " + Configuration.getAsInt(ConfigurationKeys.FAILED_ATTEMPTS)
- + " failed attempts.");
 return;
 }
- UserDTO userDTO = user.getUserDTO();
 // LoginRequestServlet (integrations) and LoginAsAction (sysadmin) set this parameter
 String redirectURL = request.getParameter("redirectURL");
@@ -199,6 +196,9 @@
 Long currentTimeMillis = System.currentTimeMillis();
 Date date = new Date(currentTimeMillis + lockOutTimeMillis);
 user.setLockOutTime(date);
+ getAuditService(session.getServletContext()).log(userDTO, "sso",
+ "User is locked out for " + Configuration.getAsInt(ConfigurationKeys.LOCK_OUT_TIME)
+ + " mins after " + failedAttempts + " failed attempts.");
 }
 getUserManagementService(session.getServletContext()).save(user);
 }
@@ -268,4 +268,12 @@
 }
 return SsoHandler.userManagementService;
 }
+
+ protected IAuditService getAuditService(ServletContext context) {
+ if (SsoHandler.auditService == null) {
+ WebApplicationContext ctx = WebApplicationContextUtils.getWebApplicationContext(context);
+ SsoHandler.auditService = (IAuditService) ctx.getBean("auditService");
+ }
+ return SsoHandler.auditService;
+ }
 }
\ No newline at end of file
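Review bot: A login attempt against a locked-out account is now redirected to `lockedOut=true` without leaving any record, because the `log.debug(...)` call in the `@@ -106` hunk is removed and nothing replaces it; the audit entry added in the `@@ -199` hunk is written only at the moment the lock-out is set. Repeated attempts during the lock-out window are a useful detection signal, so consider an audit line before the `return`, for example `getAuditService(request.getServletContext()).log(userDTO, "sso", "Login rejected: account is locked out.");` (this assumes `request` exposes the servlet context at this point; the enclosing method starts outside the hunk). Moving `userDTO` above the check already makes it available there.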
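Review bot: In the `@@ -199` hunk the audit call sits between `user.setLockOutTime(date)` and `save(user)`, so an exception from the bean lookup or from `log(...)` would skip the save and the lock-out would never be persisted. Whether `IAuditService.log` can throw is not visible here, but the lookup in `getAuditService` dereferences `ctx` without a null check, so the path is not exception-free. Persisting the user first and auditing afterwards, or guarding the audit call so that it cannot abort the handler, keeps the lock-out independent of audit availability. The enclosing block starts outside the hunk.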
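Review bot: `getAuditService` in the `@@ -268` hunk dereferences the result of `WebApplicationContextUtils.getWebApplicationContext(context)`, which returns null when no root application context is registered, so a misconfigured deployment fails with a bare NullPointerException inside the login handler. `WebApplicationContextUtils.getRequiredWebApplicationContext(context)` fails with a descriptive `IllegalStateException` instead, and `ctx.getBean("auditService", IAuditService.class)` removes the unchecked cast. The method would also benefit from a short Javadoc stating that it caches the bean in a static field shared by all handler instances. The same pattern appears to be used by `getUserManagementService`, of which only the tail is visible as context here.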