> If you do not want users to have direct access to your tables

> , then I submit that you can't use triggers as the user affecting

> the change will not be available and that leaves putting the audit

> code in the stored procedures.

Actually, I realize I was not clear here. If you have connection pooling amongst users and the users are not using Windows Auth to connect directly to SQL server *then* the user would not be available. If users are using Windows Auth but going through stored procs (and not going through a proxy user like e.g. COM+) then of course the username would be available.