Intercept-Url and filters

I'm currently working with Spring 3.0.4 and Spring Security 3.0.2 (latest stable release at the moment). I'm kind of struggling migrating from Spring 2.5 to this new version, but that's a different subject开发者_C百科.

The real question is coming, inside the <http> tag you can put the <intercept-url>, but it seems like it can also be used inside Security Filters (as seen here : Core web filters).

Can someone tell me the difference between these two? Why using it inside the http tag instead of inside in a security filter?

Thanks

Using <http> tag is a convenient way to configure security filters. When you use it, you typically don't need to configure individual filters.

However, in the complex cases you may configure filters manually as shown in the docs you referenced.

So, they do basically the same thing, but <http> tag is simplier and therefore it's a preferred way to configure Spring Security.