Spring Role Hierarchy: NullPointerException

I'm trying to implement Role hierarchy and then use it in method security.
For the simplicity its just two roles here: ADMIN and GOAL. ADMIN includes GOAL.
I created RoleHierarchy Bean in a separate Configuration file, because some people here stated that Spring Security filters need to be configured quite early.

I'm getting following errors:
When I'm accessing the controller I'm getting a NullPointer error (which stated below)
Another controllers which stated in antMatchers stops working too with the same error.

Questions:
1.Where is the error?
2.Do I need to declare my custom hierarchy in GlobalMethodSecurityConfiguration or WebSecurityConfigurerAdapter or both?

Source code:


RoleHierarchy Bean
@Configuration public class CustomRoleHierarchy extends RoleHierarchyImpl  {    @Bean    public RoleHierarchyImpl roleHierarchy() {        RoleHierarchyImpl roleHierarchy = new RoleHierarchyImpl();        roleHierarchy.setHierarchy("ADMIN > GOAL");        return roleHierarchy;    } }

GlobalMethodSecurityConfiguration
@EnableGlobalMethodSecurity(securedEnabled = true, prePostEnabled = true, jsr250Enabled = true, proxyTargetClass = true) public class CustomMethodSecurityConfig extends GlobalMethodSecurityConfiguration {    @Autowired    CustomPermissionEvaluator permissionEvaluator;    @Autowired    CustomRoleHierarchy roleHierarchy;    @Override    protected MethodSecurityExpressionHandler createExpressionHandler() {        DefaultMethodSecurityExpressionHandler handler = new DefaultMethodSecurityExpressionHandler();        handler.setPermissionEvaluator(permissionEvaluator);        handler.setRoleHierarchy(roleHierarchy);        return handler;    }

WebSecurityConfigurerAdapter
@Configuration @EnableWebSecurity public class WebSecurityConfig extends WebSecurityConfigurerAdapter {    @Autowired    CustomRoleHierarchy roleHierarchy;    public SecurityExpressionHandler<FilterInvocation> webExpressionHandler() {        DefaultWebSecurityExpressionHandler expressionHandler = new DefaultWebSecurityExpressionHandler();        expressionHandler.setRoleHierarchy(roleHierarchy);        return expressionHandler;    }    @Override    protected void configure(HttpSecurity http) throws Exception {    //Main method for Spring's web security        http            // URL checks            .authorizeRequests()                .expressionHandler(webExpressionHandler()) //Added for using Role hierarchy                .antMatchers("/resource/**").permitAll() //All users can see it                .antMatchers("/users/**","/roles/**").hasAuthority("ADMIN") //Only users with Admin Role can see it                .anyRequest().authenticated() //All another URL requires authorization                .and()

Controller
Tried to also use @PreAuthorize("hasRole('ROLE_GOAL')" or @PreAuthorize("hasRole('GOAL')".
   @RequestMapping(value = WEB_URL, method = RequestMethod.GET)    @PreAuthorize("hasAuthority('GOAL')")    public String goalList (Model model) {    ...

Error when accesssing the controller:
java.lang.NullPointerException: null    at org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl.getRolesReachableInOneOrMoreSteps(RoleHierarchyImpl.java:164) ~[spring-security-core-5.1.4.RELEASE.jar:5.1.4.RELEASE]    at org.springframework.security.access.hierarchicalroles.RoleHierarchyImpl.getReachableGrantedAuthorities(RoleHierarchyImpl.java:122) ~[spring-security-core-5.1.4.RELEASE.jar:5.1.4.RELEASE]    at org.springframework.security.access.expression.SecurityEx