diff --git a/wise-webapp/doc/REST Services.md b/wise-webapp/doc/REST Services.md
index ed5b0805..8e376a12 100644
--- a/wise-webapp/doc/REST Services.md	
+++ b/wise-webapp/doc/REST Services.md	
@@ -37,6 +37,6 @@ Template Path: /service/admin/users/{userId}/password
 Creating a new user:
  * Template Path: /service/admin/users/
  * Method: Post
- * curl "http://{host.name}:{host.port}/{context.path}/service/admin/users" --request POST --basic -u "admin@wisemapping.org:test" -H "Content-Type:application/json" --data '{"email": "te2@mydomain.de", "lastname": "lastname", "firstname":"myfirstname","password":"password"}'
+ * curl "http://{host.name}:{host.port}/{context.path}/service/admin/users/" --request POST --basic -u "admin@wisemapping.org:test" -H "Content-Type:application/json" --data '{"email": "te2@mydomain.de", "lastname": "lastname", "firstname":"myfirstname","password":"password"}'
 
 
diff --git a/wise-webapp/pom.xml b/wise-webapp/pom.xml
index 4a6fda7a..47afcf69 100644
--- a/wise-webapp/pom.xml
+++ b/wise-webapp/pom.xml
@@ -175,16 +175,16 @@
             <artifactId>commons-dbcp2</artifactId>
             <version>2.9.0</version>
         </dependency>
-        <dependency>
-            <groupId>org.hibernate</groupId>
-            <artifactId>hibernate-ehcache</artifactId>
-            <version>5.6.15.Final</version>
-        </dependency>
-        <dependency>
-            <groupId>javax.cache</groupId>
-            <artifactId>cache-api</artifactId>
-            <version>1.1.1</version>
-        </dependency>
+<!--        <dependency>-->
+<!--            <groupId>org.hibernate</groupId>-->
+<!--            <artifactId>hibernate-ehcache</artifactId>-->
+<!--            <version>5.6.15.Final</version>-->
+<!--        </dependency>-->
+<!--        <dependency>-->
+<!--            <groupId>javax.cache</groupId>-->
+<!--            <artifactId>cache-api</artifactId>-->
+<!--            <version>1.1.1</version>-->
+<!--        </dependency>-->
         <dependency>
             <groupId>org.apache.logging.log4j</groupId>
             <artifactId>log4j-core</artifactId>
diff --git a/wise-webapp/src/main/java/com/wisemapping/config/SecurityConfig.java b/wise-webapp/src/main/java/com/wisemapping/config/SecurityConfig.java
index 545cdcf9..00bc670d 100644
--- a/wise-webapp/src/main/java/com/wisemapping/config/SecurityConfig.java
+++ b/wise-webapp/src/main/java/com/wisemapping/config/SecurityConfig.java
@@ -11,7 +11,6 @@ import org.springframework.context.annotation.Configuration;
 import org.springframework.core.annotation.Order;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
-import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.SecurityFilterChain;
@@ -21,7 +20,7 @@ import org.springframework.web.servlet.handler.HandlerMappingIntrospector;
 
 
 @Configuration
-@EnableWebSecurity(debug = true)
+@EnableWebSecurity
 public class SecurityConfig {
     @Autowired
     UserService userService;
@@ -62,7 +61,7 @@ public class SecurityConfig {
 
     @Bean
     @Order(1)
-    public SecurityFilterChain filterChain(@NotNull final HttpSecurity http, @NotNull final HandlerMappingIntrospector introspector) throws Exception {
+    public SecurityFilterChain mvcFilterChain(@NotNull final HttpSecurity http, @NotNull final HandlerMappingIntrospector introspector) throws Exception {
         final AuthenticationSuccessHandler authenticationSuccessHandler = new AuthenticationSuccessHandler();
         authenticationSuccessHandler.setAlwaysUseDefaultTargetUrl(false);
         authenticationSuccessHandler.setDefaultTargetUrl("/c/maps/");
@@ -78,12 +77,9 @@ public class SecurityConfig {
                         (auth) ->
                                 auth
                                         .requestMatchers("/login", "logout").permitAll()
-                                        .requestMatchers("/registration", "registration-success").permitAll()
-                                        .requestMatchers("/registration-google").permitAll()
+                                        .requestMatchers("/registration", "registration-success", "/registration-google").permitAll()
                                         .requestMatchers("/forgot-password", "/forgot-password-success").permitAll()
-                                        .requestMatchers("/maps/*/embed").permitAll()
-                                        .requestMatchers("/maps/*/try").permitAll()
-                                        .requestMatchers("/maps/*/public").permitAll()
+                                        .requestMatchers("/maps/*/embed", "/maps/*/try", "/maps/*/public").permitAll()
                                         .requestMatchers("/restful/maps/*/document/xml-pub").permitAll()
                                         .requestMatchers("/**").hasAnyRole("USER", "ADMIN")
                                         .anyRequest().authenticated())
@@ -112,8 +108,12 @@ public class SecurityConfig {
     }
 
     @Bean
-    public WebSecurityCustomizer webSecurityCustomizer() {
-        return (web) -> web.ignoring().requestMatchers("/static/**", "/css/**", "/js/**", "/images/**");
+    @Order(3)
+    public SecurityFilterChain shareResourcesFilterChain(@NotNull final HttpSecurity http, @NotNull final HandlerMappingIntrospector introspector) throws Exception {
+        return http.authorizeHttpRequests(
+                (auth) ->
+                        auth.requestMatchers("/static/**", "/css/**", "/js/**", "/images/**", "/").permitAll()
+        ).build();
     }
 
     @Bean