JSecurity seems promising

In a project I am currently working on we need to implement security (authentication and authorization). Reading this Sonatype blog entry I found out about JSecurity. I will give it a try. Although the lack of documentation is obvious its concept makes the framework very interesting.