Ive been working now with the Spring Framework 3.0.5 and Spring Security 3.0.5 for several time. I know that Spring Framework uses DI and AOP. I also know that Spring Security uses DI, for example when writing custom handlers or filters. Im not sure whether Spring Security also uses AOP – so my first question is: does it?

Well, Id also like to know how Spring Security can be used for non-spring-based applications. Its written in their documentation that this is possible. Well, I wonder how – it seems like it uses DI, so how should it work in a simple java web application? I guess at least a web container which supports dependency injection is needed, correct? (Which one could that be?)

Thank you for answering 🙂

[EDIT]
documentation says:

“documentation says: “Spring Security provides comprehensive security services for J2EE-based enterprise software applications. There is a particular emphasis on supporting projects built using The Spring Framework, which is the leading J2EE solution for enterprise software development. If you’re not using Spring for developing enterprise applications, we warmly encourage you to take a closer look at it. Some familiarity with Spring – and in particular dependency injection principles – will help you get up to speed with Spring Security more easily.””

j2ee-based enterprise software applications……… emphasis on supporting projects using spring framework…… well this means it should be possible to work with it without Spring Framework itself!
?

AND:

Even though we use Spring to configure Spring Seurity, your application doesn’t have to be Spring-based. Many people use Spring Security with web frameworks such as Struts, for example.

This is from the spring security homepage. well….