The core Progress Application Server (PAS) employs the Spring Security framework to provide enterprise-level application security with regard to:
Authentication — verification that username and password combinations are valid.
Authorization — enforcing access control (user accounts are granted permissions according to their assigned roles).
Spring Security is a Java-based framework implemented in the /common/lib directory of the core PAS. For more information about Spring Security see http://www.springsource.org.