Do your web apps need to run in servlet containers from different vendors?  How do you manage their security setup?  Like most Java developers, you might have started with container-managed security as you have many times before. Your frustration probably started building after just you tried deploying to your second or third container and continued getting worse from there.  This is one of the problems with Java web apps — they aren't portable between containers out-of-the-box.  You can’t just take a war file from one vendor’s container and deploy it to another without configuring the security handlers in that vendor’s unique way.  This article will show you how to replace the standard Java container-managed security with Spring Security to create a single, secure application that can be deployed to any servlet container.

Continue reading: Ditch Container-Managed Security To Create Portable Web Apps.