I want to make a couple of Vaadin (v22) views accessible without a login, i.e. make them publicly available. I looked at this tutorial, which is probably outdated: https://vaadin.com/learn/tutorials/securing-your-app-with-spring-security There it says, that all views not using the @Secured annotation are publicly accessible. In my case it is different. Nothing is accessible at all, unless anotated with @PermitAll then logged