Hi I'm interested if Spring Security covers urganizing users into groups? Can I have permissions for the group and for the user? Can I restrict access to some record like in the following example:

A user can create a travelClaim and see just the list of thravel claims that he/she ownes.

Is this possible and what is the best reference source (example) for this kind of security?

Thanks in advance.