Here is what I would like to do and am wondering if where Spring Security fits into the mix.

We have two managed environments: Lotus Domino(ldap) and Active Directory. Ultimately, one of these will become the master repository, but there is a time where both are required.

We have a customer database for people who shop on our web sites.

What I would like to do is create a self-service portal for all internal users as well as our customers. It would need to be able span across all three environments. I am aware the Spring Security can connect to LDAP, Active Directory and a database independently, but can they all be used in conjunction with one another? Are there any examples of scenarios similar to this?

I ultimately want to use this self-service portal as way to employees to preform password resets across all sites and for their Windows sign-ons, etc. I also want customers to be able to perform the same, but just across the web sites in which they are registered.

Would a more traditional SSO solution (CAS, JOSSO, etc.) be better and just use Spring Security when users accessing the web sites?

Thanks.