To use Servlet authentication information for JPA Security within your JSF application you may integrate JPA Security like described in the previous chapter and specify net.sf.jpasecurity.jsf.authentication.JsfAuthenticationProvider as authentication provider in your persistence properties. You need to define all the roles your application is using with the @DeclareRoles annotation at at least one of your entity beans in order to make the JsfAuthenticationProvider work correctly.

If you do not have a version of a spring-security.jar in your classpath usually you do not need to define your own authentication provider as the auto-detection mechanism of JPA Security should automatically install the EjbAuthenticationProvider (if you are in a Java EE server) or the JsfAuthenticationProvider if you are using JSF outside a Java EE server, both using Servlet authentication information.

You need to have the jpasecurity-jsf module in your classpath in order to make the JsfAuthenticationProvider work.