spring authorization

I have some problems with authorization. I don't want to use Spring Security, just simple authorization form (with two fields: UserName, Password and submit button). Then user can work with application data (data representation depends on UserName). But I don't know, how to save UserName of authorized user for any further manipulations (in session scope. for example to show only authorized user data).

Also I want to protect application in a such way: if user somehow knew about addresses of my pages (e.g. /addRataPage, /deleteDataPage, and so 开发者_运维知识库on...), but tries to go there without authorization, he should be redirected to some page (for example, again to the authorization page).

Could you help me?

Why not use Spring Security? It looks like it would solve your problems perfectly, as it would manage the authorisation for you, keep the username in scope, and allow only authorised users to access protected URLs. What's your objection to using it?