H2-Console is not showing in browser
By default Spring Security disables rendering within an iframe because allowing a webpage to be added to a frame can be a security issue, for example Clickjacking. Since H2 console runs within a frame so while Spring security is enabled, frame options has to be disabled explicitly, in order to get the H2 console working.
http.headers().frameOptions().disable();
In general there are two possible directives for X-Frame-Options, which are DENY or SAMEORIGIN, so the following configuration can also be used for restricted but secured access.
headers().frameOptions().sameOrigin();
This allows the page to be displayed in a frame on the same origin as the page itself
Apart from @Alien's response, I had to add http.csrf().disable();
also.
add this two lines in your spring security file and you are good to go.
http.csrf().disable();
http.headers().frameOptions().disable();