Index: lams_admin/web/WEB-INF/web.xml
===================================================================
diff -u -r9986a8084b318ccc9c025ec56407dc09a705dd60 -rf596b219c87c45a68dc12a6a5bf61b717ac47736
--- lams_admin/web/WEB-INF/web.xml	(.../web.xml)	(revision 9986a8084b318ccc9c025ec56407dc09a705dd60)
+++ lams_admin/web/WEB-INF/web.xml	(.../web.xml)	(revision f596b219c87c45a68dc12a6a5bf61b717ac47736)
@@ -67,6 +67,10 @@
 		</init-param>
     </filter>
     <filter>
+        <filter-name>AuditLogFilter</filter-name>
+        <filter-class>org.lamsfoundation.lams.web.filter.AuditLogFilter</filter-class>
+    </filter>
+    <filter>
         <filter-name>CSRFGuard</filter-name>
         <filter-class>org.owasp.csrfguard.CsrfGuardFilter</filter-class>
     </filter>
@@ -84,6 +88,10 @@
 		<url-pattern>/*</url-pattern>
 	</filter-mapping>
     <filter-mapping>
+        <filter-name>AuditLogFilter</filter-name>
+        <url-pattern>*.do</url-pattern>
+    </filter-mapping>
+    <filter-mapping>
         <filter-name>CSRFGuard</filter-name>
         <url-pattern>*.do</url-pattern>
     </filter-mapping>
@@ -202,12 +210,40 @@
 	
 	<security-constraint>
 		<web-resource-collection>
-			<web-resource-name>Secure Content</web-resource-name>
+			<web-resource-name>Sysadmin Content</web-resource-name>
 			<url-pattern>/*</url-pattern>
 			<http-method>GET</http-method>
  			<http-method>POST</http-method>
 		</web-resource-collection>
 		<auth-constraint>
+			<role-name>SYSADMIN</role-name>
+		</auth-constraint>
+	</security-constraint>
+	
+	<security-constraint>
+		<web-resource-collection>
+			<web-resource-name>Group Manager Content</web-resource-name>
+			<url-pattern>/usersearch.do</url-pattern>
+			<url-pattern>/orgmanage.do</url-pattern>
+			<url-pattern>/orgmanage/*</url-pattern>
+			<url-pattern>/organisation/create.do</url-pattern>
+			<url-pattern>/organisation/edit.do</url-pattern>
+			<url-pattern>/orgsave.do</url-pattern>
+			<url-pattern>/usermanage.do</url-pattern>
+			<url-pattern>/userorgsave.do</url-pattern>
+			<url-pattern>/userorg.do</url-pattern>
+			<url-pattern>/userorgrolesave.do</url-pattern>
+			<url-pattern>/userroles.do</url-pattern>
+			<url-pattern>/userrolessave.do</url-pattern>
+			<url-pattern>/user/edit.do</url-pattern>
+			<url-pattern>/user/basiclist.do</url-pattern>
+			<url-pattern>/user/searchsingle.do</url-pattern>
+			<url-pattern>/usersave/saveUserDetails.do</url-pattern>
+			<url-pattern>/css/*</url-pattern>
+			<http-method>GET</http-method>
+ 			<http-method>POST</http-method>
+		</web-resource-collection>
+		<auth-constraint>
 			<role-name>GROUP MANAGER</role-name>
 			<role-name>SYSADMIN</role-name>
 		</auth-constraint>
Index: lams_build/conf/j2ee/jboss-deployment-structure.xml
===================================================================
diff -u -r5694a8e26e12cfd208ef7f26d736f02dc6749f23 -rf596b219c87c45a68dc12a6a5bf61b717ac47736
--- lams_build/conf/j2ee/jboss-deployment-structure.xml	(.../jboss-deployment-structure.xml)	(revision 5694a8e26e12cfd208ef7f26d736f02dc6749f23)
+++ lams_build/conf/j2ee/jboss-deployment-structure.xml	(.../jboss-deployment-structure.xml)	(revision f596b219c87c45a68dc12a6a5bf61b717ac47736)
@@ -61,6 +61,7 @@
   	  <module name="com.codahale.passpol" export="true" />
   	  <module name="com.zaxxer.sparsebits" export="true" />
   	  <module name="org.bouncycastle" export="true" />
+  	  <module name="org.codehaus.woodstox" export="true" />
       
       <!-- Import META-INF/services for ServiceLoader impls as well
       <module name="myservicemodule" services="import"/>
Index: lams_build/conf/slim/standalone.xml
===================================================================
diff -u -r14a1fa92946bfa894e269ffe35d767816950437c -rf596b219c87c45a68dc12a6a5bf61b717ac47736
--- lams_build/conf/slim/standalone.xml	(.../standalone.xml)	(revision 14a1fa92946bfa894e269ffe35d767816950437c)
+++ lams_build/conf/slim/standalone.xml	(.../standalone.xml)	(revision f596b219c87c45a68dc12a6a5bf61b717ac47736)
@@ -113,6 +113,16 @@
                 <append value="true" />
             </size-rotating-file-handler>
 
+            <periodic-rotating-file-handler name="LAMSAUDIT"
+                autoflush="true">
+                <formatter>
+                    <named-formatter name="LAMSAUDITPATTERN" />
+                </formatter>
+                <file relative-to="jboss.server.log.dir" path="lamsaudit.log" />
+                <suffix value="'.'yyyy-MM-dd" />
+                <append value="true" />
+            </periodic-rotating-file-handler>
+
             <!-- ISO8601 date format -->
             <formatter name="HIBERNATEPATTERN">
                 <pattern-formatter pattern="%d{yyyy-MM-dd HH:mm:ss,SSS} [%t] %-5p %c - %m%n" />
@@ -124,6 +134,10 @@
                 <pattern-formatter
                     pattern="%d{yyyy-MM-dd HH:mm:ss,SSS} [%t:%x] %-5p %c - %m%n" />
             </formatter>
+            <formatter name="LAMSAUDITPATTERN">
+                <pattern-formatter
+                    pattern="%d{yyyy-MM-dd HH:mm:ss,SSS} %m%n" />
+            </formatter>
             
             <!-- ABSOLUTE date format -->
             <formatter name="CONSOLEPATTERN">
@@ -234,6 +248,13 @@
                 </handlers>
             </logger>
             
+            <logger category="org.lamsfoundation.lams.web.filter.AuditLogFilter" use-parent-handlers="false">
+                <level name="INFO" />
+                <handlers>
+                    <handler name="LAMSAUDIT" />
+                </handlers>
+            </logger>
+            
             <!-- On production change below settings to INFO -->
             
            	 <logger category="io.undertow.request">
@@ -460,4 +481,4 @@
         <socket-binding name="txn-recovery-environment" port="4712"/>
         <socket-binding name="txn-status-manager" port="4713"/>
     </socket-binding-group>
-</server>
\ No newline at end of file
+</server>
Index: lams_build/conf/standalone.xml
===================================================================
diff -u -r14a1fa92946bfa894e269ffe35d767816950437c -rf596b219c87c45a68dc12a6a5bf61b717ac47736
--- lams_build/conf/standalone.xml	(.../standalone.xml)	(revision 14a1fa92946bfa894e269ffe35d767816950437c)
+++ lams_build/conf/standalone.xml	(.../standalone.xml)	(revision f596b219c87c45a68dc12a6a5bf61b717ac47736)
@@ -141,6 +141,16 @@
                 <max-backup-index value="20" />
                 <append value="true" />
             </size-rotating-file-handler>
+            
+            <periodic-rotating-file-handler name="LAMSAUDIT"
+                autoflush="true">
+                <formatter>
+                    <named-formatter name="LAMSAUDITPATTERN" />
+                </formatter>
+                <file relative-to="jboss.server.log.dir" path="lamsaudit.log" />
+                <suffix value="'.'yyyy-MM-dd" />
+                <append value="true" />
+            </periodic-rotating-file-handler>
 
             <!-- ISO8601 date format -->
             <formatter name="HIBERNATEPATTERN">
@@ -153,6 +163,10 @@
                 <pattern-formatter
                     pattern="%d{yyyy-MM-dd HH:mm:ss,SSS} [%t:%x] %-5p %c - %m%n" />
             </formatter>
+            <formatter name="LAMSAUDITPATTERN">
+                <pattern-formatter
+                    pattern="%d{yyyy-MM-dd HH:mm:ss,SSS} %m%n" />
+            </formatter>
             
             <!-- ABSOLUTE date format -->
             <formatter name="CONSOLEPATTERN">
@@ -263,6 +277,13 @@
                 </handlers>
             </logger>
             
+            <logger category="org.lamsfoundation.lams.web.filter.AuditLogFilter" use-parent-handlers="false">
+                <level name="INFO" />
+                <handlers>
+                    <handler name="LAMSAUDIT" />
+                </handlers>
+            </logger>
+            
             <!-- On production change below settings to INFO -->
             
            	 <logger category="io.undertow.request">
@@ -651,4 +672,4 @@
             <remote-destination host="localhost" port="25"/>
         </outbound-socket-binding>
     </socket-binding-group>
-</server>
\ No newline at end of file
+</server>
Index: lams_central/web/WEB-INF/web.xml
===================================================================
diff -u -r4436ad48ebfcbce1f25ad39db54f55c32873afc1 -rf596b219c87c45a68dc12a6a5bf61b717ac47736
--- lams_central/web/WEB-INF/web.xml	(.../web.xml)	(revision 4436ad48ebfcbce1f25ad39db54f55c32873afc1)
+++ lams_central/web/WEB-INF/web.xml	(.../web.xml)	(revision f596b219c87c45a68dc12a6a5bf61b717ac47736)
@@ -47,6 +47,10 @@
 		</filter-class>
 	</filter>
 	<filter>
+        <filter-name>AuditLogFilter</filter-name>
+        <filter-class>org.lamsfoundation.lams.web.filter.AuditLogFilter</filter-class>
+    </filter>
+	<filter>
 		<filter-name>CSRFGuard</filter-name>
 		<filter-class>org.owasp.csrfguard.CsrfGuardFilter</filter-class>
 	</filter>
@@ -129,6 +133,10 @@
 		<url-pattern>/ckeditor/*</url-pattern>
 	</filter-mapping>
 	<filter-mapping>
+        <filter-name>AuditLogFilter</filter-name>
+        <url-pattern>/loginas.do</url-pattern>
+    </filter-mapping>
+	<filter-mapping>
 		<filter-name>CSRFGuard</filter-name> 
 		<url-pattern>*.do</url-pattern>
 		<url-pattern>/ForgotPasswordRequest</url-pattern>