Spring Security filter chain not ignoring specified path [duplicate]

Answer 1

Just a suggestion.

Is it possible, that you are hitting not authentication, but cors?

Authentication - HTTP status 401

CORS - HTTP status 403

if you enable cors and don't configure it, it doesn't permitt any cros-origin requests. From CorsConfiguration javadoc:

By default a newly created CorsConfiguration does not permit any cross-origin requests and must be configured explicitly to indicate what should be allowed.