Possibility to log permission denied

[emolsson]

In order to detect unauthorized use it would be beneficial to be able to specify that all failed (unauthorized) operations should be logged, regardless if the role is white-listed or not.

If a role has been white-listed for all data access operations (i.e. for simplicity) but only has access to a subset of the keyspaces/tables then it would make sense to log whenever the role tries to access another keyspace.