How do I exclude certain Vaadin views from authentication?

I want to make a couple of Vaadin (v22) views accessible without a login, i.e. make them publicly available. I looked at this tutorial, which is probably outdated: https://vaadin.com/learn/tutorials/securing-your-app-with-spring-security There it says, that all views not using the @Secured annotation are publicly accessible. In my case it is different. Nothing is accessible at all, unless anotated with @PermitAll then logged in users can access the page.

Answer

As ever so often, I found the answer while preparing the question.

The annotation to use is @AnonymousAllowed

Example:

@Route(value = "/welcome", layout = PublicLayout.class)
@RouteAlias(value = "", layout = PublicLayout.class)
@AnonymousAllowed
public class PublicWelcomePage extends Div {
   // create your view here 
}

@Route(value = "/welcome", layout = PublicLayout.class)

@RouteAlias(value = "", layout = PublicLayout.class)

@AnonymousAllowed

public class PublicWelcomePage extends Div {

   // create your view here 

}

​

Official Vaadin v22 docs