Spring Security Ошибка 403 “The server understood the request but refuses to authorize it.”

Есть класс User и enum Roles , содержащий Роли. Устанавливаю параметры UserDetails в UserDetailsServiceImpl , также настроил конфигурацию Spring Security. Для шифрования пароля использую BCryptPasswordEncoder. Проблема в том , что при вводе корректных данных выплывает ошибка "Сервер понял запрос, но отказывается авторизовать его."

UserDetailsServiceImpl

@Autowired
private UserDaoImpl userDao;
@Override
@Transactional(readOnly = true)
public UserDetails loadUserByUsername(String name) throws UsernameNotFoundException {
    User user = userDao.findByName(name);
    Set<GrantedAuthority> roles = new HashSet();
    for(Roles role : Roles.values()){
        roles.add(new SimpleGrantedAuthority(role.getRoleName()));
    }
    return new org.springframework.security.core.userdetails.User(user.getName() , user.getPassword() , roles);
}

}

Security config

<http auto-config="true">
    <intercept-url pattern="/admin" access="hasRole('Admin')"/>
    <form-login login-page="/login"
                authentication-failure-url="/login?error"
                username-parameter="username"
                password-parameter="password"/>
    <logout logout-success-url="/login?logout"/>
</http>
<authentication-manager alias="authenticationManager">
    <authentication-provider user-service-ref="userDetailsServiceImpl">
        <password-encoder ref="encoder"></password-encoder>
    </authentication-provider>
</authentication-manager>
<beans:bean id="userDetailsServiceImpl" class="com.cinema.services.UserDetailsServiceImpl"/>
<beans:bean id="securityService" class="com.cinema.services.SecurityServiceImpl"/>
<beans:bean id="encoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder">
    <beans:constructor-arg name="strength" value="11"/>
</beans:bean>

Login.jsp

<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<html>
<head>
    <title>Custom Login Page</title>
</head>
<body>
<div class="container">
    <form method="POST" action="${contextPath}/login" class="form-signin">
        <h2 class="form-heading">Log in</h2>
        <div class="form-group ${error != null ? 'has-error' : ''}">
            <span>${message}</span>
            <input name="username" type="text" class="form-control" placeholder="Username"
                   autofocus="true"/>
            <input name="password" type="password" class="form-control" placeholder="Password"/>
            <span>${error}</span>
            <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
            <button class="btn btn-lg btn-primary btn-block" type="submit">Log In</button>
            <h4 class="text-center"><a href="${contextPath}/registration">Create an account</a></h4>
        </div>
    </form>
</div>
</body>
</html>

Admin.jsp

<%@ page language="java" contentType="text/html; charset=ISO-8859-1"
         pageEncoding="ISO-8859-1"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
    <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
    <title>Spring Security Authentication and Authorization - Admin
        Page</title>
</head>
<body>

<div class="container">
    <c:if test="${pageContext.request.userPrincipal.name != null}">
        <form id="logoutForm" method="post" action="/logout">
            <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
        </form>

        <h2>Admin Page ${pageContext.request.userPrincipal.name} |
            <a onclick="document.forms['logoutForm'].submit()">Logout</a>
        </h2>
    </c:if>
</div>

</body>
</html>