Spring security with multiple login pages

Question

I am using Spring security to secure login to the application admin section with a username and password. But now my client need to have another login screen for the application

Answer 1

I would use only one security:http, but register two UsernamePasswordLoginFilters.

This solution would be appropriate if the two Login-Pages belog to the same security-realm. (So if it does not matter on which Login-Page the user logs in). Of course you can still use roles to restrict the access for different parts of your application for different types of users.

This solution should be quite easy, because you will not need to handle two security:http sections.

The major drawback of this is: that you will have to decide on which of the two login pages a NOT logged in user gets redirected if he try to access an page that requires a login.