One of the problems we've had with this pattern is that Hibernate doesn't know about the relationship between the AuditInfo object and our user table. That is, Hibernate sees the updatedBy/createdBy attributes as just ordinary number attributes. It doesn't understand that they actually represent associations into your user table (because you haven't told it). This presents a serious issue when it comes time to actually use your auditing info to display usernames etc. of creating/updating users. One way around this is to use a Hibernate Component instead of a custom UserType or CompositeUserType. The only problem with modelling the createdBy/updatedBy as actual User objects is that you can't do much with the Session from within an interceptor. You will have to pass in the User object to the interceptor when you create the Session. It's not a chicken-egg scenario because you only need to read using the Session that will lookup the user object. You also need to make sure you proxy your User object so you don't get unnecessary loads of the User attributes all over the place.