If you search in Internet about this issue, you will find various topics that discuss the issue. However, they aren't complete or accurate. Because of this, I've decided to develop or to adapt my own solution, picking from here to there to reach a complete solution. This paper resumes my researches and conclusions.
What I wont is to implement one of those “login with Facebook” buttons that you can see in many websites. Other websites implement other functionalities (like sharing pics and posts of the users), but this is not my interest.
Going deeper, if I have a protected resource like http://www.myapplication.com/users/sendMessage.jsf, using Spring Security this takes care that a login screen will appear when someone tries to access this message.
What I have to do next is to integrate this login screen with the login functionality of facebook. This is not simple because I have to integrate the functionality with the nuts and bolts of spring security: filters Authentication Tokens, and things like that.
After many searches on internet, I've found spring oauth2 and I've discarded this: I don't know how to integrate with Spring Security.
Because the issue