Authentication and authorization are the essential parts of enterprise applications, both web applications and web services. Spring Security is a powerful and highly customizable authentication and access control framework. Spring Security focuses on providing declarative authentication and authorization to Java applications.
Important features in Spring Security are as follows:
- Comprehensive support for both authentication and authorization
- Good support for integration with servlet APIs and Spring MVC
- Module support for integration with Security Assertion Markup Language (SAML) and Lightweight Directory Access Protocol (LDAP)
- Providing support for common security attacks such as Cross-Site Forgery Request (CSRF), session ...