Core Spring Security modules

In Spring Framework, Spring Security is a top-level project. Within the Spring Security project (https://github.com/spring-projects/spring-security), there are a number of sub-modules:

• Core (spring-security-core): Spring security's core classes and interfaces on authentication and access control reside here.
• Remoting (spring-security-remoting): In case you need Spring Remoting, this is the module with the necessary classes.
• Aspect (spring-security-aspects): Aspect-Oriented Programming (AOP) support within Spring Security.
• Config (spring-security-config): Provides XML and Java configuration support.
• Crypto (spring-security-crypto): Contains cryptography support.
• Data (spring-security-data): Integration with Spring Data.
• Messaging (spring-security-messaging)
• OAuth2: Support for OAuth 2.x support within Spring Security:
  • Core (spring-security-oauth2-core)
  • Client (spring-security-oauth2-client)
  • JOSE (spring-security-oauth2-jose)
• OpenID (spring-security-openid): OpenID web-authentication support.
• CAS (spring-security-cas): CAS (Central Authentication Service) client integration.
• TagLib (spring-security-taglibs): Various tag libraries regarding Spring Security.
• Test (spring-security-test): Testing support.
• Web (spring-security-web): Contains web security infrastructure code, such as various filters and other Servlet API dependencies.

These are the top-level projects within Spring Framework that are strongly linked to Spring Security:

• spring-ldap: Simplifying Lightweight Directory Access Protocol (LDAP) programming in Java.
• spring-security-oauth: Easy programming with OAuth 1.x and OAuth 2.x protocols.
• spring-security-saml: Bringing the SAML 2.0 service provider capabilities to Spring applications.
• spring-security-kerberos: Bringing easy integration of Spring application with Kerberos protocol.

Security Assertion Markup Language (SAML) is an XML-based framework for ensuring that transmitted communications are secure. SAML defines mechanisms to exchange authentication, authorization, and non-repudiation information, allowing single sign-on capabilities for Web services.

The Lightweight Directory Access Protocol (LDAP) is a directory service protocol that runs on a layer above the TCP/IP stack. Its based on a client-server model and provides a mechanism used to connect to, search, and modify Internet directories.

Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret key cryptography. A free implementation of this protocol is available from MIT and it is also available in many commercial products.