intercept-url config doesn't work properly when 'anonymous' authentication disabled
I am trying to give GET access to to few URIs with 'permitAll' but this doesn't work when I disable 'anonymous' authentication. I am using spring-security 3.1.
To make it clear below config works:
<security:intercept-url pattern="/service/abc/**" access="permitAll" method="GET"/>
<security:intercept-url pattern="/**" access="isFullyAuthenticated()" />
I can access ../service/abc/* (GET req) without Login into application.
However when I change to <security:anonymous enabled="false"/>....
I always get redirected to login page for ../service/abc/* (GET req) .
Could someone please help and guide if I am missing something.
To add further, I need to disable anonymous authentication so that I can use spring-secuirty-oauth for facebook login.