I have a web application secured with spring security (Spring 3.1.0). Now if a

Question

0

Asked: May 27, 20262026-05-27T14:11:37+00:00 2026-05-27T14:11:37+00:00

I have a web application secured with spring security (Spring 3.1.0). Now if a

0

I have a web application secured with spring security (Spring 3.1.0). Now if a customer wants to register to my service, Spring Security say “No”. This makes sense because the user is not yet authorized.

The controller, which gets the register data is a spring mvc controller. I need to exclude this from spring security I think.

I’ve excluded some urls so far like this:

<intercept-url pattern="/index.jsp" access="IS_AUTHENTICATED_ANONYMOUSLY" />

Is it possible, to exclude a (Spring MVC)Controller, or is this the wrong way to approach this?

By the way, I also tried to annotate tho at the method:

@PreAuthorize("hasRole('IS_AUTHENTICATED_ANONYMOUSLY')")

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-27T14:11:37+00:00

Editorial Team

2026-05-27T14:11:37+00:00Added an answer on May 27, 2026 at 2:11 pm

Why don’t you try permitAll instead?

<intercept-url pattern="/index.jsp" access="permitAll" />

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I have a web application secured with spring security (Spring 3.1.0). Now if a

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply