Question

I'm using Spring Security in a new application and I configured the WebSecurityConfigurerAdapter. Everything with the filters works fine, but the problem comes on the distinction of two roles I have: Usuario (User) and Administrador (admin). The problem comes when I log in with the User role and I access the path I restricted for that (/restricted) -- everything works fine, filter applied --, but when I access as Admin, I can only manage to access the user path (/restricted), and not the /admin path, which I would like to.

Here below is the configuration as I did.

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests()
        .antMatchers("/resources/**", "/includes/**", "/cadastrar", "/logout", "/login", "/", "/home").permitAll()
        .antMatchers("/admin/**").hasRole("ADMINISTRADOR")
        .anyRequest().authenticated().antMatchers("/restricted/**").hasRole("USUARIO")
        .anyRequest().authenticated().and().formLogin()
        .loginPage("/login").defaultSuccessUrl("/success-login", true)
        .loginProcessingUrl("/login").failureUrl("/login?error=true").permitAll().and()
        .logout().logoutUrl("/logout").logoutSuccessUrl("/");
}

Does anybody here know what's wrong? Thanks much


Solution

Resolved. I've just changed to authority instead of role. Everything works fine now.

@Override
protected void configure(HttpSecurity http) throws Exception {
    http.authorizeRequests()
        // hasAuthority / hasAnyAuthority compare the granted authority string exactly;
        // hasRole("X") looks for the authority "ROLE_X" instead.
        .antMatchers("/admin/**").hasAuthority("ADMINISTRADOR")
        .antMatchers("/restricted/**").hasAnyAuthority("USUARIO", "ADMINISTRADOR")
        .antMatchers("/resources/**", "/includes/**", "/cadastrar", "/logout", "/login", "/", "/home").permitAll()
        .and().formLogin()
        .loginPage("/login").defaultSuccessUrl("/restricted/teste", true)
        .loginProcessingUrl("/login").failureUrl("/login?error=true").permitAll().and()
        .logout().logoutUrl("/logout").logoutSuccessUrl("/");
}
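
The difference between the two configurations above, shown as an added example that is not part of the original question or answer: it evaluates hasRole and hasAuthority against a user whose authority is stored as the bare string "ADMINISTRADOR" and against one stored with the "ROLE_" prefix. It assumes Spring Security on the classpath in a release that has AuthorityAuthorizationManager, such as 5.5 or later in the 5.x line that still ships WebSecurityConfigurerAdapter; the class name, user names and password are constructed placeholders, and that the asker's authorities were stored without the prefix is an assumption consistent with the fix.

```java
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authorization.AuthorityAuthorizationManager;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;

public class RoleVersusAuthorityDemo {

    // The 3-argument constructor yields a token already marked authenticated,
    // as it would be after a successful form login.
    static Authentication login(UserDetails user) {
        return new UsernamePasswordAuthenticationToken(user, null, user.getAuthorities());
    }

    // Evaluate one access rule against one authentication.
    static boolean granted(AuthorityAuthorizationManager<Object> rule, Authentication auth) {
        return rule.check(() -> auth, null).isGranted();
    }

    public static void main(String[] args) {
        // Constructed sample users (names and password are placeholders).
        // authorities(...) stores the string as given; roles(...) stores "ROLE_" + name.
        UserDetails bare = User.withUsername("admin-bare").password("unused")
                .authorities("ADMINISTRADOR").build();
        UserDetails prefixed = User.withUsername("admin-prefixed").password("unused")
                .roles("ADMINISTRADOR").build();

        // hasRole("X") checks for the authority "ROLE_X"; hasAuthority("X") checks for "X" exactly.
        AuthorityAuthorizationManager<Object> hasRole =
                AuthorityAuthorizationManager.hasRole("ADMINISTRADOR");
        AuthorityAuthorizationManager<Object> hasAuthority =
                AuthorityAuthorizationManager.hasAuthority("ADMINISTRADOR");

        for (UserDetails user : new UserDetails[] {bare, prefixed}) {
            Authentication auth = login(user);
            System.out.printf("%-15s %-22s hasRole=%-5b hasAuthority=%b%n",
                    user.getUsername(),
                    AuthorityUtils.authorityListToSet(auth.getAuthorities()),
                    granted(hasRole, auth), granted(hasAuthority, auth));
        }
    }
}
```

The bare-string user is denied by hasRole and granted by hasAuthority, and the prefixed user the reverse, so the rule and the stored authority strings have to follow the same convention.
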
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow