I found a couple of discussion threads on this, but nothing which brought a comparison of all three mechanisms under one thread.

So here is my question...

I need to audit DB changes: inserts\updates\deletes to business objects.

I can think of three ways to do this:

1) DB Triggers

2) Hibernate interceptors

3) Spring AOP

(This question is specific to Spring\Hibernate\RDBMS. I guess this is neutral to Java\C# or Hibernate\NHibernate, but if your answer is dependent upon C++ or Java or a specific implementation of Hibernate, please specify.)

What are the pros and cons of selecting one of these strategies?

I am not asking for implementation details. This is a design discussion.

I am hoping we can make this a part of the community wiki.

+1  A: 

I can't think of any good reason for not using database triggers to audit changes to the database. Inserts, updates and deletes can potentially hit the database from various sources - triggers will catch all these; Hibernate etc. will not.

Tony Andrews
I'm with you, the only way to be sure that all activity on the database is audited is to do it at the database level.
HLGEM
What if you wanted to switch databases? Rewrite all triggers?
Icarus
@Icarus: that would be one of MANY things you'd need to do if you switched databases, yes. In reality, businesses don't tend to switch databases that much.
Tony Andrews
+3  A: 

I can only talk about triggers and NHibernate, because I don't know enough about Spring AOP.

It depends on, as always, what is most important for you.

DB triggers

  • are fast
  • are always called, even from native SQL, Scripts, external apps.

NHibernate interceptors / events

  • are not DBMS specific.
  • allow you easy access to your business information, like the user session, client machine name, certain calculations or interpretations, localization, etc.
  • allow you declarative configuration, like attributes on the entity, which define if the entity needs to be logged and how.
  • allow you to turn off logging, this could be important for upgrades, imports, special actions that are not triggered by the user.
  • allow you an entity view to the business model. You are probably closer to the user's point of view.
Stefan Steinegger
A: 

I think when you consider auditing, you need to consider what it is for. First, it is to have a record of who changed what and what changed so you can back out bad changes, you can identify problems with the system (we can see which of several different applications caused the change which helps identify quickly which one is broken) and so you can identify who made the change. The last can be really critical when it comes to detecting fraud. If you do everything from the user interface, you will never see the user committing fraud who changes the data in the backend to write himself a check. If you do everything from the interface, likely you have to have permissions set at the table level, thus opening the door for fraud to begin with. If you do everything from the interface you won't know which disgruntled employee deleted the entire user table for the pure annoyance value. If you do everything from the front end you won't know which incompetent dba accidentally updated all customer orders to the same customer. I can't support using anything except triggers for auditing as you lose a good part of why you need auditing in the first place.

HLGEM
A: 

Using Hibernate interceptors to perform Audit logs is deeply flawed. I'm stunned by the number of blogs that recommend this method without pointing out its most obvious flaw - the interceptor HAS to use a new transaction to record the audit. Which means you could successfully save the main transaction and have a system crash that fails to record the audit transaction!

kabram
You would certainly not want a log transaction crash to fail the main transaction.
Icarus
I think you would. For if it didn't, then from an Auditor's perspective, your audit-log is no longer the reliable "truth" for what actually happened or did not happen in your system. FYI: We implemented a system where we wrap Hibernate entities using Javassist to capture setter method calls and changes (a little more complex for collections) and store this in a "job" attached to the transaction (our layer on top of Hibernate allows this) and capture very nicely the audit changes.
kabram
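
The coverage and atomicity arguments made in the answers above, as an added example that is not part of the original thread. It uses Python's built-in `sqlite3` with a constructed `orders` table; the table, trigger and function names are assumptions for illustration, and the `app_audit` list stands in for whatever an interceptor or aspect would record.

```python
import sqlite3

# Constructed schema: one business table plus a trigger-maintained audit table.
SCHEMA = """
CREATE TABLE orders (id INTEGER PRIMARY KEY, customer TEXT NOT NULL);
CREATE TABLE audit_log (
    id INTEGER PRIMARY KEY AUTOINCREMENT, op TEXT, order_id INTEGER,
    old_customer TEXT, new_customer TEXT, at TEXT DEFAULT CURRENT_TIMESTAMP);
CREATE TRIGGER orders_ai AFTER INSERT ON orders BEGIN
    INSERT INTO audit_log(op, order_id, new_customer)
    VALUES ('INSERT', NEW.id, NEW.customer);
END;
CREATE TRIGGER orders_au AFTER UPDATE ON orders BEGIN
    INSERT INTO audit_log(op, order_id, old_customer, new_customer)
    VALUES ('UPDATE', OLD.id, OLD.customer, NEW.customer);
END;
CREATE TRIGGER orders_ad AFTER DELETE ON orders BEGIN
    INSERT INTO audit_log(op, order_id, old_customer)
    VALUES ('DELETE', OLD.id, OLD.customer);
END;
"""

def run_demo():
    db = sqlite3.connect(":memory:", isolation_level=None)  # explicit transactions
    db.executescript(SCHEMA)
    app_audit = []  # stands in for what an interceptor/aspect would record

    def app_save(order_id, customer):
        # Application path: the only place the application-layer hook runs.
        db.execute("INSERT INTO orders(id, customer) VALUES (?, ?)",
                   (order_id, customer))
        app_audit.append(("INSERT", order_id))

    app_save(1, "alice")
    app_save(2, "bob")
    # Backend path: direct SQL never passes through the application hook.
    db.execute("UPDATE orders SET customer = 'one-customer'")
    # Atomicity: the trigger row belongs to the same transaction as the change.
    db.execute("BEGIN")
    db.execute("DELETE FROM orders WHERE id = 2")
    db.execute("ROLLBACK")
    rows = db.execute("SELECT op, order_id, old_customer, new_customer "
                      "FROM audit_log ORDER BY op, order_id").fetchall()
    return app_audit, rows

if __name__ == "__main__":
    app_rows, trigger_rows = run_demo()
    print("application-layer audit:", app_rows)
    print("trigger audit:", trigger_rows)
```

The trigger rows carry no application user or session, which is the trade-off listed under the interceptor approach.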