Spring has created an increasingly rich ecosystem because of its popularity and (even more) its extensible design, which makes it easy for other projects to integrate with Spring without being coupled too tightly to it.
Let's look at some of the most important related projects, which you may find valuable in your Spring development.
Acegi Security System for Spring (http://acegisecurity.sourceforge.net/) provides comprehensive security services for Spring-powered projects. Acegi Security handles the typical security requirements of complex applications, including authentication, authorization, run-as replacement, and domain object instance-level security.
Acegi Security is structured around a ThreadLocal object known as ContextHolder. Stored in the ContextHolder is an Authentication object, which identifies the principal and an array of Granted Authoritys. In keeping with Spring's philosophy, Acegi provides a consistent abstraction over pluggable authentication mechanisms. A number of authentication mechanisms are included in the project to populate the Authentication. The most commonly used is the DAO-based authentication provider(backed by an RDBMS), although also popular is the Yale CAS integration, which is an open source project that provides enterprise-wide, single sign-on for a wide variety of web languages (Java, Apache, Python, ColdFusion, PHP, ASP, and so on). Authentication details can be collected from HTTP forms,
BASIC authentication (RFC 1945) headers, and even from the web container itself (support is currently provided for Tomcat, Jetty, Resin, and JBoss). The BASIC authentication allows the direct use of Acegi Security with all standard web services protocols.
At runtime, Acegi Security intercepts invocations that need to be secured, terming these intercepted invocations "secure objects." There are secure object handlers currently provided for web requests (the equivalent of using servlet specification security), AOP Alliance MethodInvocations (for use with standard Spring business object proxies), and AspectJ JoinPoints (useful if you're using AspectJ for domain object security). AOP provides a more general and flexible method of securing method calls than the EJB declarative security model.
Acegi Security provides a number of filters to ease integration with typical web-app projects.
Acegi is effectively the "official" security project for Spring. Spring will never offer its own security framework, and we recommend that users with non-trivial security requirements look first at Acegi, rather than implementing their own security framework. Acegi Security's close relationship with Spring is indicated by the fact that it has its own forum space on the main Spring Framework forums.
If you need to implement a web application with simple security requirements, you can of course use the security features defined by the Servlet specification in Spring applications.
Other projects directly associated with the Spring framework include:
Spring IDE for Eclipse (http://springide-eclip.sourceforge.net/): A set of plug-ins for the Eclipse platform designed to ease working with Spring XML configuration files, including adding visualization support for dependencies.
The Spring Modules project (www.springmodules.org): A set of Spring integrations for various technologies, such as the Lucene search engine, OSWorkflow, and Drools rule engine.
The Spring Framework.NET (www.springframework.net/): A .NET implementation of Spring's core concepts, providing IoC and AOP support on the .NET platform that offers a consistent programming model to Spring Java. Note that this project is not merely a port of Spring (which would not be idiomatic on .NET) but adapts key elements to the .NET environment.
Other Spring-related projects, not directly associated with or endorsed by the Spring project itself, include:
Aurora MVC (http://sourceforge.net/projects/auroramvc/): An alternative MVC framework, built on Spring concepts and designed for use with a Spring middle tier.
JSF-Spring (http://jsf-spring.sourceforge.net/): Integration between JSF and Spring, for users who require a more customizable integration than Spring provides for JSF out of the box (which should be sufficient for most users).
Wanghy Cache (http://jsf-spring.sourceforge.net/): Provides declarative caching services for Spring applications, using Spring AOP.
Spring XMLDB (http://sourceforge.net/projects/springxmldb/): Framework to aid the integration of XML databases and XML database access into the Spring Framework.
This is by no means a complete list at the time of this writing, and new projects appear frequently.
Numerous other frameworks also ship Spring integration, including:
WebWork (http://wiki.opensymphony.com/display/WW/WebWork): Popular MVC web application framework.
Mule (http://wiki.muleumo.org/display/MULEPROJ/Home): An Enterprise Service Bus messaging framework.
Cayenne (http://objectstyle.org/cayenne): Open source O/R mapping framework.