[8.x] [Authz] Adjusted forbidden message for new security route configuration (#195368) (#195761)

# Backport

This will backport the following commits from `main` to `8.x`:
- [[Authz] Adjusted forbidden message for new security route
configuration (#195368)](https://github.com/elastic/kibana/pull/195368)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Elena
Shostak","email":"165678770+elena-shostak@users.noreply.github.com"},"sourceCommit":{"committedDate":"2024-10-10T12:40:15Z","message":"[Authz]
Adjusted forbidden message for new security route configuration
(#195368)\n\n## Summary\r\n\r\nAdjusted forbidden message for new
security route configuration to be\r\nconsistent with
ES.\r\n\r\n\r\n__Closes:
https://github.com/elastic/kibana/issues/195365__","sha":"2759994e2d53b294a3a049f69bd56fc2e8477e77","branchLabelMapping":{"^v9.0.0$":"main","^v8.16.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Security","enhancement","release_note:skip","Feature:Security/Authorization","v9.0.0","backport:prev-minor"],"title":"[Authz]
Adjusted forbidden message for new security route
configuration","number":195368,"url":"https://github.com/elastic/kibana/pull/195368","mergeCommit":{"message":"[Authz]
Adjusted forbidden message for new security route configuration
(#195368)\n\n## Summary\r\n\r\nAdjusted forbidden message for new
security route configuration to be\r\nconsistent with
ES.\r\n\r\n\r\n__Closes:
https://github.com/elastic/kibana/issues/195365__","sha":"2759994e2d53b294a3a049f69bd56fc2e8477e77"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/195368","number":195368,"mergeCommit":{"message":"[Authz]
Adjusted forbidden message for new security route configuration
(#195368)\n\n## Summary\r\n\r\nAdjusted forbidden message for new
security route configuration to be\r\nconsistent with
ES.\r\n\r\n\r\n__Closes:
https://github.com/elastic/kibana/issues/195365__","sha":"2759994e2d53b294a3a049f69bd56fc2e8477e77"}}]}]
BACKPORT-->

Co-authored-by: Elena Shostak <165678770+elena-shostak@users.noreply.github.com>

x-pack/plugins/security/server/authorization/api_authorization.ts

@@ -87,17 +87,17 @@ export function initAPIAuthorization(
           const missingPrivileges = Object.keys(kibanaPrivileges).filter(
             (key) => !kibanaPrivileges[key]
           );
-          logger.warn(
-            `User not authorized for "${request.url.pathname}${
-              request.url.search
-            }", responding with 403: missing privileges: ${missingPrivileges.join(', ')}`
-          );
+          const forbiddenMessage = `API [${request.route.method.toUpperCase()} ${
+            request.url.pathname
+          }${
+            request.url.search
+          }] is unauthorized for user, this action is granted by the Kibana privileges [${missingPrivileges}]`;
+
+          logger.warn(forbiddenMessage);
 
           return response.forbidden({
             body: {
-              message: `User not authorized for ${request.url.pathname}${
-                request.url.search
-              }, missing privileges: ${missingPrivileges.join(', ')}`,
+              message: forbiddenMessage,
             },
           });
         }