The login authentication of the previous projects was just implemented through using database lookup tables and database validation. The user logs in and asks for their username and password credentials, then controllers call a service that checks if there is a match in the login table or none. No authorization mechanism has been made yet so far at this point.

OCS implementation in project Ch07-Activiti uses a third-party plugin for both its authentication and authorization rules. This plugin is called Spring Security which works like this:

First, the user opens the /ch07/index.html URL of OCS. There is a filter class ...