Practical Quick Start with Acegi Security and Spring
The afternoon sessions begin with Practical Quick Start with Acegi Security and Spring , presented by Ben Alex . Ben is the project lead for Acegi Security , a fully pluggable and flexible enterprise security framework. Specifically for your enterprise software, it's not an Operating System security framework or any sort of browser or sandbox security solution. The important thing to know about Acegi Security is it is more of a model and lexicon instead of pre-built security implementation. Because security varies across each application so widely, Acegi provides interfaces and extension points to make building a security framework much easier. Acegi is much more than a replacement for Servlet API security. While it does fully replace the Servlet security features, it also provides fine grained ACLs on a per-object instance which is a huge feature. J2EE security does not support that at all. Other features include CAPTCHA, channel security, switch user, prohibit concurrent lo...