This question might be naive but I would like to know what are the advantages of using Spring security (or any other security framework) versus custom filters (@WebFilter) to restrict pages in a web-app. In a custom filter I can check the session of an user, see if an user bean has been mapped within the session and then check if the user bean has the appropriate role to gain access to my restricted area. So what do I gain by using Spring security, surely it's more secure, if so then how? I'm asking because I find it harder to use than using custom filters. Thanks in advance.
Aucun commentaire:
Enregistrer un commentaire