spring security - replace .permitAll() method with a method that can provide access to only USER and COMP roles -

i want replace .permitall() method method can provide access user , comp roles

@override protected void configure(httpsecurity http) throws exception { http.authorizerequests().antmatchers("/success/**").permitall() //instead of .permiitall() want define access "user" , "comp" roles         .antmatchers("/userprofilehomepage/**").access("hasrole('user')")         .antmatchers("/companyhome/**").access("hasrole('comp')")         .and().formlogin().loginpage("/login")         .failureurl("/login?error").usernameparameter("username").passwordparameter("password")         .defaultsuccessurl("/success").and().logout().logoutsuccessurl("/login?logout").and().csrf()         .disable().exceptionhandling().accessdeniedpage("/error"); }