• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

clean way to log every database operation issued by which user

 
David Spades
Ranch Hand
Posts: 348
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
So, there's a new requirement to log which user issues what database operations. The dumb way is to pass the session object around, but I hope said dumb way is not the only way to achieve this. Hopefully there's another cleaner and smarter way to do this. can anybody give a pointer? thanks
 
Viktor Pergjoka
Greenhorn
Posts: 20
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Im not sure what exactly you mean. Is there a servlet which performs the database operation? If yes, you could put a Filter and map it on the Servlet. And in the Filter you could log the things.
 
David Spades
Ranch Hand
Posts: 348
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Sorry, perhaps I wasn't too clear. What I want to do is when a user click a button "Save" for example, said user will trigger an either insert or update statement on several rows on several tables. I'm assuming that we're using MVC paradigm, so the request object is available in controller object, but normally the database layer responsible for persisting data does not have access to the request object. This is what I'm trying to figure out. Thanks
 
J. Kevin Robbins
Bartender
Pie
Posts: 1801
28
Chrome Eclipse IDE Firefox Browser jQuery Linux MySQL Database Netbeans IDE
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Interesting problem. I'm going to assume that your controller is populating a bean or Map with the database record information and then passing it to a DAO. How about including a field for user ID and having the DAO pass that value to a class that writes the log entry?
 
Dieter Quickfend
Bartender
Posts: 543
4
Java Netbeans IDE Redhat
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You could use an interceptor and inject the Principal if you're using CDI.
 
David Spades
Ranch Hand
Posts: 348
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Yes, that's what I said as "dumb way" since that would mean massive refactoring for all DAO objects. I'm trying to find to somehow let the session object to communicate directly with hibernate session to store the user info, or any other clean and smart way? thanks
 
David Spades
Ranch Hand
Posts: 348
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
@Dieter:
I'm using spring security + hibernate. Could you please show a snippet to inject the principal to the interceptor?
thanks
 
Viktor Pergjoka
Greenhorn
Posts: 20
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Im not sure if this works because I never tried it, but maybe: User user = (User)SecurityContextHolder.getContext().getAuthentication().getPrincipal();

So you could retrieve your information from the SecurityContextHolder since you are using Spring Security.
 
Jayesh A Lalwani
Rancher
Posts: 2762
32
Eclipse IDE Spring Tomcat Server
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
David Spades wrote:@Dieter:
I'm using spring security + hibernate. Could you please show a snippet to inject the principal to the interceptor?
thanks


David, Here's some information on how to implement Hibernate interceptor. Like Viktor said, if you are using Spring security, you can directly get the current User from SecurityCOntextHolder

Internally, Spring stores the security context in a thread local variable. SO, as long as the interceptor is called on the same thread as the http request, you should get the user back.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic