There were some parts that were omitted during the learning process, so I was very confused. For example, in Section 2, there is a section that deals with the Authencation object, but I didn't quite understand what it meant to globally retrieve and use the authentication object. It says to retrieve it through SecurityContextHolder.getContext().getAuthencation(), but there was no explanation on how to map and retrieve the authentication object according to the client request. Of course, after the lecture, it was explained in detail, but in this case, it would have been good if there had been a spoiler like "You can retrieve this anywhere using the session and use it. I will explain it in detail later in the lecture."