Java
Bruce Parker, 2019-06-10 12:08:38

How to properly authenticate in Spring Security?

When I start my project, it should ask the admin for his login and password. Only after he enters the data, and only if they are correct, will he have access to the rest of the JSP pages (for example, for now I have the main page, allStudents.jsp). I seem to have written everything correctly, but it ignores my "login.jsp" and, without asking to log in, automatically logs in without a login and password. Can you see if I wrote the authentication correctly?

package adil.java.schoolmaven.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.www.BasicAuthenticationFilter;
import org.springframework.stereotype.Component;

@Order(1)
@Configuration
@EnableWebSecurity
@Component
public class СostumWebSecurityConfigurerAdapter extends WebSecurityConfigurerAdapter {
 
    @Autowired
    private MyBasicAuthenticationEntryPoint authenticationEntryPoint;
 
    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.inMemoryAuthentication()
          .withUser("admin").password(passwordEncoder().encode("1234"))
          .authorities("ROLE_ADMIN");
    }
 
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
          .antMatchers("/allStudents").hasRole("ADMIN")
          .anyRequest().authenticated()
          .and()
          .httpBasic()
          .authenticationEntryPoint(authenticationEntryPoint);
 
        http.addFilterAfter(new CustomFilter(),
          BasicAuthenticationFilter.class);
    }
 
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }
}

Here are my project files, maybe something is missing
After authorization, it should move me to the allStudents page. Did I write everything correctly?
package adil.java.schoolmaven.controller;

import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;

@Controller
public class AuthorizationController {

  @RequestMapping(value = "/admin", method = RequestMethod.GET)
  public ModelAndView adminPage() {

    ModelAndView m = new ModelAndView();
    m.addObject("title", "Вы успешно вошли");
    m.addObject("message", "home");
    m.setViewName("admin");

    return new ModelAndView("redirect: allStudents");
  }

  @RequestMapping(value = "/login", method = RequestMethod.POST)
  public ModelAndView login(@RequestParam(value = "error", required = false) String error,
      @RequestParam(value = "logout", required = false) String logout) {

    ModelAndView m = new ModelAndView();
    if (error != null) {
      m.addObject("error", "Неверный логин и пароль");
    }

    if (logout != null) {
      m.addObject("msg", "Вы успешно вышли");
    }

    m.setViewName("login");

    return m;
  }
}

1 answer(s)
Orkhan, 2019-06-10
Hasanly @azerphoenix

@Order(1)
@Configuration
@EnableWebSecurity
@Component

I understand that you have several configs in your configuration file? Order(1) Order(2) etc?
Set a breakpoint and debug. I remember, I had a task when it didn’t reach the second configuration. I had a task to make separate configs for the admin panel and for the front.
If instead of /allStudents you just specify /, then in theory, when accessing any URL, you will be asked to enter a password.
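
Added example, not part of the question or of the answer above: the question's configuration calls httpBasic(), which hands unauthenticated requests to the Basic entry point and never renders login.jsp, whereas a custom login page is wired in with formLogin().loginPage(). The class names FormLoginSecurityConfig and SecurityInitializer are hypothetical, the Spring Security 5 WebSecurityConfigurerAdapter API used in the question is assumed, and the initializer assumes a plain servlet deployment without Spring Boot.

```java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.context.AbstractSecurityWebApplicationInitializer;

@Configuration
@EnableWebSecurity
public class FormLoginSecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        // Same in-memory admin as in the question; a demo credential only.
        auth.inMemoryAuthentication()
            .passwordEncoder(passwordEncoder())
            .withUser("admin").password(passwordEncoder().encode("1234")).roles("ADMIN");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .antMatchers("/allStudents").hasRole("ADMIN")
                .anyRequest().authenticated()        // nothing is reachable anonymously...
                .and()
            .formLogin()
                .loginPage("/login")                 // GET /login must render login.jsp
                .defaultSuccessUrl("/allStudents", true)
                .failureUrl("/login?error")          // matches the controller's "error" param
                .permitAll()                         // ...except the login page itself
                .and()
            .logout()
                .logoutSuccessUrl("/login?logout")   // matches the controller's "logout" param
                .permitAll();
    }

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }
}
// Assumption: no Spring Boot and no DelegatingFilterProxy in web.xml. Without one of
// these, springSecurityFilterChain is never registered and no request is checked.
class SecurityInitializer extends AbstractSecurityWebApplicationInitializer { }
```

With this setup Spring Security itself processes POST /login, so the controller only needs a GET mapping for /login that returns the login view. The form in login.jsp has to submit the `username` and `password` parameters together with the `_csrf` token, because CSRF protection is on by default.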
