Spring Security does allow you to configure multiple AuthenticationEntryPoint for your application, if needed.
Since Spring Security 3.0.2, org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint looks at all declared AuthenticationEntryPoint in the configurations and executes them.
Since Spring Security 5.x, we have org.springframework.security.web.server.DelegatingServerAuthenticationEntryPoint, which uses reactive data types and brings in asynchronous nature to its execution.
The defaultAuthenticationEntryPointFor() method in the Spring Security configuration can also be employed to set up multiple entry points looking at different URL matching (see the following code snippet): ...