Audit policy (audit fields/columns on database)
We need in our appplication to informs about the following action in to a particular tables:
Such information we have to audit because the Data Protection Low in our country.
- Who modified the register on a given table?
- Who created/delete the register on a given table?
- Who read the register on a given table?
I am wondering about how to do that in a elegant way. We are planning to use Acegi for security concern, so I guess there is a way to obtain the authentification user name via Acegi, so we can use the user information for example on the DAO's in order to insert the audit information for the actions: query, modify, update, create, delete.
The way to make such audit operation, we expect can be done in a non intrusive way for example via AOP interceptors.
I guess we can't do that via trigger directly on data base because we don't have the information about the currently authentified user.
Do you have any idea about how solve this problem?
Thanks in advance,