// let us now audit the code
// The following will create an AuditEvent with a subject equal to the
// user's name, a verb equal to ADD_PERMISSION, an the object
// equal to the name of permission passed as argument
AuditorFacade auditorFacade = new AuditorFacade(user.getName(),
ADD_PERMISSION_VERB, permission.getName());
try {
// send the AuditEvent through an appender (usually to a server)
auditorFacade.audit();
} catch (AuditException e) {
// if an AuditException occurs, rethrow it as
// an application failure (AccessException)
throw new AccessException("Audit failure", e);
}