RedDog can use standard HTTP authentication mechanisms to decide whether information should be served or not.
It should play along with whatever authentication mechanism is set up in the servlet container, though actually uses Apache ShiroTM to simplify the authentication process.
Using Apache ShiroTM the server can define which HTTP object can be served to which users, according to the implementer needs. Beside this protection level, RedDog also supports the use of constraints per object field or attribute.
More information can be seen in the following links: