Securing flow execution is a three step process:
Configure Spring Security with authentication and authorization rules
Annotate the flow definition with the secured element to define the security rules
Add the SecurityFlowExecutionListener to process the security rules.
Each of these steps must be completed or else flow security rules will not be applied.