This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
My team is building a new web application for internal corporate users. We are deciding between Java Security (as defined in the Servlet spec) or Spring Security. I tried googling for the pros/cons of each, and I read documentation from the Springsource website, but still I did not find enough to help me reach a decision.
So far the only benefit for Spring Security is that it is not tied to the container. Are there any other benefits? What are the benefits of sticking with J2EE security as implemented by the container?