...
Our existing authentication and authorization have all been written from scratch, which means we’d need to overwrite a number of all the core Spring Security classes before any of this would work;
The result would take time and involve learning a lot of code (and a solid understanding of more about Spring Security);
Security exceptions would appear in places where we are now able to return InvalidEntityExceptions and the like. Possibly confusing to existing users.
...