Users, Groups and Security
The Framework has a convenient, optional security system with user profiles, passwords, and authorities to objects in the Framework. This system offers a moderate level of security and it can interface with your own security system if need be.
It is not and cannot be a one stop shop for security due to the nature and variety of environments it operates with.
Framework security is optional. If you want to, you can switch off Framework security and just use the server's native security (the http server security for web users). In this way you can still control who accesses your application, but you won't be able to control what they can do within the Framework.
Five Things You Need to Know About Basic Framework Security
Frequently Asked Questions (Users and Security)
Creating Web Interface for Maintaining Users and Authorities