Use the servlet container to authenticate users, as per defined by the servlet spec. This is historically what Hudson has been doing up to 1.163. It is useful mainly for the following situations:
  1. You've been using Hudson before 1.164 and would like to keep its behavior.
  2. You've already configured your container with the right security realm and prefer Hudson to just use it. (sometimes the container offers better documentation or custom implementations to connect to a specific user realm.)