After having worked with Java EE on JBoss for the past six years I was pleasantly surprised when I started work on securing a Spring application I’m working on.
With EE and JBoss I got used to fidgeting with login modules. When we moved from JBoss 5.1 to JBoss EAP 6 it cost quite a bit of time to get our complicated login system running again.
The great thing about Spring is that security is completely implemented on the application side. They way I understand this, is that I could just move it to another container and it should work without any changes.
I had to google a bit to establish basic database authorisation, but it wasn’t too much work. I’ll write a post about my experience with a complete example as soon as I have the time.