When you're using Spring Security in web applications, I'm fairly sure that it can tie in with the JEE standard security framework (container-managed authentication and authorization).
When you use container security, both the mechanism for authentication and authorization (Realm) and the database used by the Realm are externally-configurable options built into the web application server, not the application. In a case like that, Spring Security would simply invoke the container security API when it could and handle the finer points itself.
"privilege" comes from the Latin words for "private" and "law" (legal) and dates to feudal times. To "claim privilege" meant that you were above the laws that applied to the common people.
What is that? Is that a mongol hoarde? Can we fend them off with this tiny ad?