Tim McGuire wrote:JAAS is one of the authentication providers that Spring can use. Note that JAAS works at a lower level than web-application. It has hooks (if that is the right term) into the application server and operating system. Spring Security works in the application layer. It has its own authentication API that is very good and does not need to use JAAS. Often an existing JAAS provider is used when Spring security is implemented. In most cases, a new project would not be enhanced by using JAAS.
Spring Security based on ACEGI and ACEGI vs JAAS was covered: https://coderanch.com/t/134325/Security/ACEGI-JAAS
Thanks
alot for the response Tim. As of now I am implementing Spring Security.
Can you please help me to write customized UserDetailsService.
1. I should implement UserDetailsService by some separate service class or by Dao class to give implementation for loadUserByUsername method?
2. In loadUserByUsername() method we provide only the user name and where to provide password?
ex in below code I am not providing the password.
How the spring comes to know about the credentials?
Request you to explain with ex.
Regards,
Geeta