Spring Security was formerly known as the Acegi Security System for Spring.
The newer versions of the framework provide a huge array of authentication and access-control features for applications.
Here are some key features of "Spring Security":
· Easy Configuration using Spring Dependency Injection
· Non-Intrusive Setup
· Non-Invasive
· Pluggable Architecture
· Comprehensive Authorization Services
· Enterprise-wide single sign on using CAS 3
· OpenID Support
· X.509 (Certificate) support
· LDAP Support
· User Provisioning APIs
· Supports HTTP BASIC authentication
· Supports HTTP Digest authentication
· Various authentication backends
· Easy integration with existing databases
· Password encoding
· Event support
· Remoting support
· Transparent security propagation
· Run-as replacement
· Compatibility with Servlet Security API
· Tag library support
· Flexible "Pre-Authentication" Framework
· Remember-Me (Persistent Login)
· IDE Support
· Web Flow Security
· WSS (formerly WS-Security)
· Peer reviewed
What's New in This Release: [ read full changelog ]
· Servlet 3, Async Support
· Spring MVC Async Integration
· Servlet 3 API Integration
· New Servlet API Sample Application