Spring Security 2.x with multiple credentials

I am currently working on a project using Spring Security 2.x where user authentication requires more than the usual two parameters. Usually authentication consists of one principal (username) and one credential (password). We are sticking with Spring Security 2.x rather than 3.x because we are unable to move to Spring 3.x at this time. So, I delved into how to implement authentication using multiple credentials. I am not going to go into setting up Spring Security, as there are plenty of existing resources for reference. Also bear in mind that this code still needs some refactoring; I just wanted to share it for anyone who may be running into issues like I had.

Security Spring Beans

First, let's look at security-context.xml. It contains all of the beans related to our security implementation.

As you can see, I have introduced some new classes into the mix. Let's take a look at those now.

Java classes

MultipleCredentialAuthenticationFilter.java

MultipleCredentials.java

MultipleCredentialAuthenticationToken.java

MultipleCredentialAuthenticationProvider.java

MultipleCredentialAuthenticationService.java

AuthorityGranter.java

AuthorityGranterUndefinedException.java

Now all that is required is to provide implementation classes for our defined interfaces. See below:

MultipleCredentialAuthenticationServiceImpl.java

RoleUserAuthorityGranterImpl.java

Hopefully you will find this post useful if you are attempting to solve an authentication problem involving multiple credentials with Spring Security.


2 Responses to Spring Security 2.x with multiple credentials

  1. Joshua says:

    This is amazing you really did a lot of work on this.

  2. Brian Norton says:

    Great post Eric! Reading your blog has been very insightful and helpful to my work.
