Spring Security is a Java/Java EE framework that provides authentication, authorization and other security features for enterprise applications.
The project was started in late 2003 as 'Acegi Security' (pronounced Ah-see-gee /ɑːsiːdʒiː/, whose letters are the first, third, fifth, seventh, and ninth characters from the English alphabet, in order to prevent name conflicts[2]) by Ben Alex, with it being publicly released under the Apache License in March 2004.
The first public release under the new name was Spring Security 2.0.0 in April 2008, with commercial support and training available from SpringSource.
Diagram 1 shows the basic flow of an authentication request using the Spring Security system.
It shows the different filters and how they interact from the initial browser request, to either a successful authentication or an HTTP 403 error.