diff --git a/powerauth-webflow-client/src/main/java/io/getlime/security/powerauth/app/webflow/demo/configuration/SecurityConfiguration.java b/powerauth-webflow-client/src/main/java/io/getlime/security/powerauth/app/webflow/demo/configuration/SecurityConfiguration.java
index 547e78895..479da5609 100644
--- a/powerauth-webflow-client/src/main/java/io/getlime/security/powerauth/app/webflow/demo/configuration/SecurityConfiguration.java
+++ b/powerauth-webflow-client/src/main/java/io/getlime/security/powerauth/app/webflow/demo/configuration/SecurityConfiguration.java
@@ -33,6 +33,7 @@
 import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationRequest;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
+import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 
 import java.util.LinkedHashMap;
 import java.util.Map;
@@ -63,7 +64,12 @@ public SecurityFilterChain filterChain(final HttpSecurity http) throws Exception
         return http
                 .httpBasic(AbstractHttpConfigurer::disable)
                 .authorizeHttpRequests(requests -> requests
-                        .requestMatchers("/", "/home", "/css/**", "/js/**", "/images/**").permitAll()
+                        .requestMatchers(new AntPathRequestMatcher("/"),
+                                new AntPathRequestMatcher("/home"),
+                                new AntPathRequestMatcher("/css/**"),
+                                new AntPathRequestMatcher("/js/**"),
+                                new AntPathRequestMatcher("/images/**"))
+                        .permitAll()
                         .anyRequest().fullyAuthenticated()
                 )
                 .oauth2Login(login -> login