posted 12 years ago
It depends on what's your definition of secure?
If only login/logout is you definition, then we cant compare, both may be same.
one reason, which i can think of to using spring security, even in this case is, session fixation problem can be easily solved using spring security, which may not be case if we just use our own login mechanism.
Using spring security is always recommended, instead of we implementing login/logout functionality, why do you want to reinvent the wheel when its already invented?
It helps in future to implement SSO and so on..