@SuppressWarnings("rawtypes")
@Override
protected void configure(HttpSecurity http) throws Exception {
SecurityExpressionHandler<FilterInvocation> handler = new DefaultWebSecurityExpressionHandler();
WebExpressionVoter expressionVoter = new WebExpressionVoter();
AffirmativeBased adm = new AffirmativeBased(Arrays.<AccessDecisionVoter>asList(expressionVoter));
http
.authorizeRequests()
.expressionHandler(handler)
.accessDecisionManager(adm)