Spring Security出现问题：Access is denied

报错情况如下：

在登录的时候报错，如下：

org.springframework.security.access.AccessDeniedException: Access is denied		

spring-security.xml代码：

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework/schema/beans"
       xmlns:security="http://www.springframework/schema/security"
       xmlns:xsi="http://www.w3/2001/XMLSchema-instance"
       xsi:schemaLocation="http://www.springframework/schema/beans
    http://www.springframework/schema/beans/spring-beans.xsd
    http://www.springframework/schema/security
    http://www.springframework/schema/security/spring-security.xsd">

    <!--配置不拦截资源-->
    <security:http pattern="/login.jsp" security="none" />
    <security:http pattern="/failer.jsp" security="none" />
    <security:http pattern="/css/**" security="none" />
    <security:http pattern="/img/**" security="none" />
    <security:http pattern="/plugins/**" security="none" />


    <!--
        配置具体规则
        auto-config="true" 不用自己编写登录的页面，框架提供默认登录页面
        use-expression="false" 是否使用SPEL表达式（没学过）
    -->
    <security:http auto-config="true" use-expressions="false">
        <!--配置具体拦截规则 pattern="请求路径的规则" access="访问系统的人,必须有ROLE_ROSE的角色"-->
        <security:intercept-url pattern="/**" access="ROLE_USER,ROLE_ADMIN" />

        <!--定义跳转的具体页面-->
        <security:form-login
            login-page="/login.jsp"
            login-processing-url="/login.do"
            default-target-url="/index.jsp"
            authentication-failure-url="/failer.jsp"
            authentication-success-forward-url="/pages/main.jsp"
        />
        <!--关闭跨域请求-->
        <security:csrf disabled="true"/>
        <!--退出-->
        <security:logout invalidate-session="true" logout-url="/logout.do" logout-success-url="/login.jsp" />
    </security:http>

    <!--切换成数据库中的用户名和密码-->
    <security:authentication-manager>
        <security:authentication-provider user-service-ref="userService">
            <!--配置加密方式
            <security:password-encoder ref="passwordEncoder" />-->
        </security:authentication-provider>
    </security:authentication-manager>

    <!--配置加密类-->
    <bean id="passwordEncoder" class="org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder" />
</beans>

解决方案：
1.参考了https://blog.csdn/txd2016_5_11/article/details/86630247之后查看access="ROLE_USER,ROLE_ADMIN"并没有写错
2.后来找到原因是因为如下图：