diff --git a/src/main/java/ru/ulstu/configuration/SecurityConfiguration.java b/src/main/java/ru/ulstu/configuration/SecurityConfiguration.java
index 61a0a8c..c1c1199 100644
--- a/src/main/java/ru/ulstu/configuration/SecurityConfiguration.java
+++ b/src/main/java/ru/ulstu/configuration/SecurityConfiguration.java
@@ -29,6 +29,7 @@ import org.springframework.security.web.authentication.AuthenticationFailureHand
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
 import ru.ulstu.core.model.AuthFailureHandler;
+import ru.ulstu.core.navigation.Page;
 import ru.ulstu.user.model.UserRoleConstants;
 import ru.ulstu.user.service.UserService;
@@ -76,8 +77,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 @Override
 protected void configure(HttpSecurity http) throws Exception {
- http.csrf()
- .disable();
+ http.csrf().disable();
 if (applicationProperties.isDevMode()) {
 log.debug("Security disabled");
 http.authorizeRequests()
@@ -92,6 +92,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 .permitAll()
 .anyRequest()
 .authenticated()
+ .antMatchers("/swagger-ui.html").hasAuthority(UserRoleConstants.ADMIN)
 .and()
 .formLogin()
 .loginPage("/login.xhtml")
@@ -108,12 +109,12 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 .tokenEndpoint()
 .accessTokenResponseClient(accessTokenResponseClient())
 .and()
- .defaultSuccessUrl("/index.xhtml")
+ .defaultSuccessUrl(Page.INDEX)
 .failureUrl("/loginFailure")
 .and()
 .logout()
 .logoutSuccessHandler(logoutSuccessHandler)
- .logoutSuccessUrl(Constants.LOGOUT_URL)
+ .logoutSuccessUrl(Page.LOGOUT)
 .invalidateHttpSession(true)
 .clearAuthentication(true)
 .deleteCookies(Constants.COOKIES_NAME)
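Review bot: The added `.antMatchers("/swagger-ui.html").hasAuthority(UserRoleConstants.ADMIN)` in the `@@ -92,6 +92,7 @@` hunk sits after `.anyRequest().authenticated()`, so the admin restriction never takes effect: authorization rules are matched in declaration order and `anyRequest()` already matches every path, which leaves the Swagger UI reachable by any authenticated user (newer Spring Security releases instead refuse to start when a matcher follows `anyRequest()`). Move the line above `.anyRequest()`, which is where the commented-out `configure` deleted at the end of this diff had it. The rule covers only the HTML page; the API-description endpoints the UI loads are presumably served under other paths and may need the same restriction, which should be confirmed against the Swagger setup. The start of the `authorizeRequests()` chain is outside the hunk.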
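Review bot: In the `@@ -108,12 +109,12 @@` hunk `.logoutSuccessUrl(Page.LOGOUT)` is set on the same logout configurer as `.logoutSuccessHandler(logoutSuccessHandler)`; Spring Security ignores the success URL once a handler is supplied, so the new constant has no effect on where users land after logout. Keep one of the two: drop the URL line, or have the handler itself redirect to `Page.LOGOUT`. The values of `Page.INDEX` and `Page.LOGOUT` are not visible here, so it is worth confirming they are fixed application-relative paths equal to `/index.xhtml` and the former `Constants.LOGOUT_URL`. The chain starts and ends outside the hunk.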
@@ -191,79 +192,4 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
 throw new BeanInitializationException("Security configuration failed", e);
 }
 }
-
- /* @Override
- protected void configure(HttpSecurity http) throws Exception {
- http.csrf()
- .disable();
- if (applicationProperties.isDevMode()) {
- log.debug("Security disabled");
- http.authorizeRequests()
- .anyRequest()
- .permitAll();
- http.anonymous()
- .principal("admin")
- .authorities(UserRoleConstants.ADMIN);
- } else {
- log.debug("Security enabled");
- http.authorizeRequests()
- .antMatchers(UserController.ACTIVATE_URL).permitAll()
- .antMatchers(Constants.PASSWORD_RESET_REQUEST_PAGE).permitAll()
- .antMatchers(Constants.PASSWORD_RESET_PAGE).permitAll()
- .antMatchers("/users/block").permitAll()
- .antMatchers(UserController.URL + UserController.REGISTER_URL).permitAll()
- .antMatchers(UserController.URL + UserController.ACTIVATE_URL).permitAll()
- .antMatchers(UserController.URL + UserController.PASSWORD_RESET_REQUEST_URL).permitAll()
- .antMatchers(UserController.URL + UserController.PASSWORD_RESET_URL).permitAll()
- .antMatchers("/swagger-ui.html").hasAuthority(UserRoleConstants.ADMIN)
- .anyRequest().authenticated()
- .and()
- .formLogin()
- .loginPage("/login.xhtml")
- .successHandler(authenticationSuccessHandler)
- .failureHandler(authenticationFailureHandler)
- .permitAll()
- .and()
- .logout()
- .logoutSuccessHandler(logoutSuccessHandler)
- .logoutSuccessUrl(Constants.LOGOUT_URL)
- .invalidateHttpSession(false)
- .clearAuthentication(true)
- .deleteCookies(Constants.COOKIES_NAME)
- .permitAll();
- }
- if (applicationProperties.isUseHttps()) {
- http.portMapper()
- .http(httpPort)
- .mapsTo(httpsPort)
- .and()
- .requiresChannel()
- .anyRequest()
- .requiresSecure();
- }
-
- }
-
- @Override
- public void configure(WebSecurity web) {
- web.ignoring()
- .antMatchers("/css/**")
- .antMatchers("/javax.faces.resource/**")
- .antMatchers("/js/**")
- .antMatchers("/templates/**")
- .antMatchers("/webjars/**")
- .antMatchers("/img/**");
- }
-
- @Autowired
- public void configureGlobal(AuthenticationManagerBuilder auth) {
- if (applicationProperties.isDevMode()) {
- return;
- }
- try {
- auth.userDetailsService(userService).passwordEncoder(bCryptPasswordEncoder);
- } catch (Exception e) {
- throw new BeanInitializationException("Security configuration failed", e);
- }
- }*/
 }