Java EE 6 security currently leaves much to be desired (for me that's just saying), I however stumbled upon Apache Shiro and Spring Security as more popular security frameworks for the Java enterprise.
I am more inclined to go the Spring Security direction because of non existent tag library for the Apache Shiro alternative.
However surprisingly, I cannot find any tutorial that details how to integrate spring security with the Java EE 6 stack. Do you have any recommendations?
I have decided to go the Apache Shiro partway. Tag library exists in www.github.com. And documentation seems appropriate enough