If Spring produces OE CPO, what is the purpose of Progress OEAG?

[ChadThomsonPSC]

"If Spring produces OE CPO, what is the purpose of Progress OEAG?"

[ChadThomsonPSC]

Spring Security in PAS controls access authentication and authorization.

When an un-authenticated request is made to a Spring-controlled URI, Spring will trigger the authentication process.
PAS can be configured to use the OpenEdge Authentication Gateway (OEAG) for authentication.
Un-authenticated requests will cause Spring to prompt for credentials, and consult the OEAG for the actual authentication.

The primary use-case for OEAG is to control access to an OpenEdge database. However, in this example, OEAG is behaving as a Security Token Service (STS).

Using external services for authentication is considered best-practice regarding separation of concerns, and Services Oriented Architecture (SOA) implementation patterns.