This appears to be the same as ReadonlyRest login fail hook function - #7 by Jstyle0302
Which we provided a solution for, but in form of custom serializer jar. Which I re-link here: ror-cust-serializer-basic-auth-failure-log-user.jar. And can be installed as per documentation.
@coutoPL we should have an issue for this, right?