diff --git a/src/main/java/eu/hbp/mip/configurations/SecurityConfiguration.java b/src/main/java/eu/hbp/mip/configurations/SecurityConfiguration.java
index c4dc2a28bce39732a0ca57e16539ee46fa813bd8..dfc5d4e475634dfc3bf8754bb3ea6584953313c7 100644
--- a/src/main/java/eu/hbp/mip/configurations/SecurityConfiguration.java
+++ b/src/main/java/eu/hbp/mip/configurations/SecurityConfiguration.java
@@ -25,12 +25,12 @@ import javax.servlet.http.HttpServletRequest;
 @KeycloakConfiguration
 public class SecurityConfiguration extends KeycloakWebSecurityConfigurerAdapter {
 
-    @Value("#{'${authentication.enabled}'}")
-    private boolean authenticationEnabled;
-
     // Redirect to login page url
     private static final String logoutRedirectURL = "/sso/login";
 
+    @Value("#{'${authentication.enabled}'}")
+    private boolean authenticationEnabled;
+
     @Override
     protected void configure(HttpSecurity http) throws Exception {
         super.configure(http);
@@ -38,7 +38,7 @@ public class SecurityConfiguration extends KeycloakWebSecurityConfigurerAdapter
         if (authenticationEnabled) {
             http.authorizeRequests()
                     .antMatchers(
-                            "/sso/login", "/webjars/**",
+                            "/sso/login",
                             "/v2/api-docs", "/swagger-ui/**", "/swagger-resources/**"  // Swagger URLs
                     ).permitAll()
                     .antMatchers("/galaxy*", "/galaxy/*").hasRole("DATA MANAGER")