FYI, I'm using Tomcat 5.5.

Simply put, I want to integrate Spring Security into an existing web application. The web app is proprietary; I have no access to its Java source code. The name of the web app is BMC Remedy ARS Mid-Tier, and I do have access to the web.xml file, of course. I'm not looking to build a Spring MVC application.

Is there a tutorial or guide which shows you how to integrate Spring Security with a "black box" web application? Is it even possible to wrap a web application that's not Spring-based with Spring Security? Please note the web application has its own authentication system.

Thank you very much for any help.