Получение 403 при использовании Spring Security

Question

Привет, я новичок в безопасности Spring, в то время как при входе на обычную страницу входа в систему с использованием Spring Security я получаю ошибку 403, а также со страницей входа по умолчанию, также я получаю ту же ошибку. Я использую Spring 5.2 и Spring Security 4.2, JSTL 1.2 может любой, пожалуйста, помогите мне в этом Спасибо заранее ...

мой веб. xml файл

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
xmlns="http://xmlns.jcp.org/xml/ns/javaee" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee 
http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd" id="WebApp_ID" version="3.1">
<display-name>myFirstApp</display-name>

<servlet>
<servlet-name>dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>dispatcher</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>

<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>/WEB-INF/springSecurity.xml</param-value>
</context-param>

<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener> 
</web-app>

мой SpringSecurity file

<beans:beans xmlns:beans="http://www.springframework.org/schema/beans"
 xmlns="http://www.springframework.org/schema/security" 
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://www.springframework.org/schema/beans 
  http://www.springframework.org/schema/beans/spring-beans-4.0.xsd
           http://www.springframework.org/schema/security 
 http://www.springframework.org/schema/security/spring-security-4.0.xsd">



 <http  auto-config="true">
    <intercept-url pattern="/admin**" access="hasRole('ROLE_ADMIN')" />  

    <form-login login-page="/login" default-target-url="/" authentication-failure-url="/login?error" 
   />


  <logout logout-success-url="/login?logout" />
   </http>

  <authentication-manager>
  <authentication-provider>
   <user-service>
   <user name="venkatesh" password="venkatesh" authorities="hasRole(ROLE_ADMIN)" />
    </user-service>
  </authentication-provider>
  </authentication-manager> 

  </beans:beans>

Мой класс контроллера

     package com.controllers;

    import javax.servlet.http.HttpServletRequest;

     import org.springframework.security.core.context.SecurityContextHolder;
    import org.springframework.security.core.userdetails.UserDetails;
    import org.springframework.stereotype.Controller;
    import org.springframework.ui.Model;
    import org.springframework.web.bind.annotation.RequestMapping;
    import org.springframework.web.bind.annotation.RequestMethod;
      import org.springframework.web.bind.annotation.RequestParam;
      import org.springframework.web.servlet.ModelAndView;

        @Controller
          public class FirstController {



       // If user will be successfully authenticated he/she will be taken to the login secure page.
       @RequestMapping(value="/admin", method = RequestMethod.GET)
      public ModelAndView adminPage() {

    ModelAndView m = new ModelAndView();
    m.addObject("title", "Spring Security Custom Login Form Example");
    m.addObject("message", "This is protected page!");
    m.setViewName("admin");

    return m;
        }
     @RequestMapping("/")
    public String login(HttpServletRequest request) {
  return "index";
      }

      // Spring security will see this message.
     @RequestMapping(value = "/login", method = RequestMethod.GET)
      public ModelAndView login(@RequestParam(value = "error", required = false) String error, 
        @RequestParam(value = "logout", required = false) String logout) {

    ModelAndView m = new ModelAndView();
    if (error != null) {
        m.addObject("error", "Nombre de usuario y contraseña inválidos.");      // Invalid username 
    and password error.
    }

    if (logout != null) {
        m.addObject("msg", "Has salido exitosamente.");     // You have left successfully.
    }

    m.setViewName("login");
    return m;
      }


   }

мой логин. jsp file

   <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
   <html>
   <head>
    <title>Custom Login Page</title>
   </head>
   <body>
   <h3>Custom Login Page</h3>
    <%
   String error = (String) request.getAttribute("error");
   if (error != null &&error.equals("true"))
    {
    out.println("<h4 style=\"color:red\">Invalid login credentials. Please try again!!</h4>");
     }
     %>
    <form name='loginForm' action="<c:url value='login' />" method='POST'>

    <table>
    <tr>
    <td>User:</td>
     <td><input type='text' name='username' value=''></td>
     </tr>
     <tr>
    <td>Password:</td>
     <td><input type='password' name='password' /></td>
     </tr>
      <tr>
    <td><input name="submit" type="submit" value="submit" /></td>
     <td><input name="reset" type="reset" /> <input type="hidden"
   name="${_csrf.parameterName}" value="${_csrf.token}" /></td>

    </tr>
   </table>

    </form>
  </body>
  </html>