Security

Authentication and authorization are based on the Spring Security (formerly Acegi) framework.

Spring Security is a powerful and highly customizable authentication and access-control framework. It is the de-facto standard for securing Spring-based applications. For more information, see Spring Security portal at https://spring.io/projects/spring-security.

Customizing

Developers can customize the security framework by adding J2EE filters through a plugin.