Audit Log module

A fork of https://github.com/alexanderstrebkov/auditlog brought up to date with version 1.2.3 of the Play! Framework.

Add Audit Log module to your application’s dependency list

In the conf/dependencies.yml file, add a local repository and a dependency

# Application dependencies
require:
    - play
    - auditlog -> auditlog
repositories:
    - localRepo:
        type: local
        artifact: ${application.path}/../[module]
        contains:
          - auditlog

Adjust the artifact setting accordingly.

Enable the Audit Log module for the application

In the /conf/application.conf file, enable the Hibernate event listeners for the Audit Log module by adding those lines:

# Audit Log
hibernate.ejb.event.post-insert=play.modules.auditlog.AuditLogListener
hibernate.ejb.event.post-update=play.modules.auditlog.AuditLogListener
hibernate.ejb.event.post-delete=play.modules.auditlog.AuditLogListener

Using the Audit Log module

Add @Auditable annotation to your model:

@Entity
@Auditable
public class Book extends Model {

You are done. All create, update and delete operations will be logged into AuditLogEvent model provided by module. Following information is stored:

• Model name
• Model id
• Operation (CREATE, UPDATE or DELETE)
• Property name
• Old value
• New value
• Actor
• Date and time
• Session id

By default actor is username property from session and session id is taken from session.getId() (compatible with Secure module for Play! Framework).

Protecting passwords:

To ensure passwords and other sensitive data is not included in the audit log the @PasswordField annotation is provided. Simply annotate the sensitive fields like so:

@Entity
@Auditable
public class User extends Model {
    @PasswordField
    public String password;

The audit log will contain an entry for the field to show it was changed but will not log the value. It logs ‘******’ instead.