A team in my company is working on a Wicket project and thinking of using Spring Security for ...well... security. Since I prefer Seam Security by far I was wondering can one use it without the rest of the Seam stuff? I'm saying this because with Spring Security, the application remains pretty much pure Wicket (no Spring stuff anywhere but in the configs) and that's just the way they want it. The problem though is in the fact the Spring Sec. relies heavily on HTTP session which Wicket hides. If Seam Security could provide a similarly unobtrusive security but with better integration with Wicket, they'd probably go that way. So, what are your thoughts? Is there any guide anywhere or anything?