Update 12/2017: It will need an update/rewrite since Spring Security 5 is coming.
Spring Security had some opinions of being complicated to use. Well, of course it's quite complicated when you look at it, as its scope covers a lot of use-cases. Thing is that, truly in a Spring spirit, you don't have to use every feature there is at once for the use-case you are having. In fact, when you start cherry-picking and back it with Spring Boot, it doesn't appear so complicated anymore.