You probably want to make sure to have your directory containing those items set as permitAll.
Here’s an excerpt from my spring security context file. Under the resources directory, I have js, css, and images folders which are given permissions by this line.
<security:intercept-url pattern="/resources/**" access="permitAll" />