Spring Security: Token based authentication and JSR 250

Question

@RestController
public class ApplicationController {

    @PermitAll
    @RequestMapping(value = "/", method = RequestMethod.GET)
    public String index() {
        return "Greetings from ContextConfig Boot!";
    }

    @RolesAllowed({"ADMIN"})
    @RequestMapping(value = "/secured", method = RequestMethod.GET)
    public String secured() {
        return "Secured :)";
    }
}

Token is send in header "X-AUTH-TOKEN".

@Configuration
@EnableWebSecurity
@EnableGlobalMethodSecurity(jsr250Enabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(HttpSecurity http) throws Exception {
    }
}

This actual spring security configuration. How to configure spring security when user send token in header and hase role "ADMIN" he will be allowed to access "secured"?