What's recommended for authentication check? Servlet Filters or Form based authentication?

We are working implementing Single Sign On(SSO) using pingfederate. The basic impl开发者_Python百科ementation uses a login token sent via browser cookies for checking user authentication. What's the recommended way of doing the authentication check? Should I use a login filter or configure form-based authentication?

Both can be done as good. The difference is only that you've to write all the code yourself in one case and just do some (XML) configuration according existing guidelines in the other case.

Either way, I think the benefits and caveats are obvious enough. In this particular case, I'd go for container managed authentication to avoid future maintenance headaches.