Security is one of the major requirements in modern day enterprise applications and yet it is also one of the weakest parts of most developers toolboxes. The problem is of course that security is HARD! It turns out that rather than reinventing the wheel for each application, developers can turn to a great security framework out there already; Acegi.

In this session we'll discuss a little known but widely used Spring sub-project called Acegi Security. Acegi is a great tool for implementing security at the URL, method, and domain object layers and can greatly simplify security requirement fulfillment for enterprise applications. The first part of the session will focus primarily on some basic security concepts and where Acegi fits into the equation. The second part of the session will focus on basic design and usage principals of Acegi. The final segment will be a live coding example where we actually take an application and add all three levels of Acegi security to it. As a bonus, I'll even tell you the story of how the Acegi name came about :)