This week's book giveaway is in the Other Languages forum. We're giving away four copies of Functional Reactive Programming and have Stephen Blackheath and Anthony Jones on-line! See this thread for details.
My team is building a new web application for internal corporate users. We are deciding between Java Security (as defined in the Servlet spec) or Spring Security. I tried googling for the pros/cons of each, and I read documentation from the Springsource website, but still I did not find enough to help me reach a decision.
So far the only benefit for Spring Security is that it is not tied to the container. Are there any other benefits? What are the benefits of sticking with J2EE security as implemented by the container?