SAML Extension uses SLF4J framework for logging. The same applies to the underlaying OpenSAML library. The sample application by default uses log4j version 1.2 binding for SLF4J.
You can enable debug logging by modifying file saml2-sample/src/main/resources/log4j.properties and adding:
log4j.logger.org.springframework.security.saml=DEBUG log4j.logger.org.opensaml=DEBUG
For details about using other logging frameworks please consult the SLF4J manual.
Processing of SAML messages and assertions is often limited to a specific time window which e.g. prevents possibilities of replay attacks. Validation of messages can fail when internal clocks of the IDP and SP machines are not synchronized. Make sure to use a time synchronization service on all systems in the federation.