79587750

Date: 2025-04-23 03:15:56
Score: 3

To elaborate on Arno's points and to test the paths mentioned in the question, I created my example repository.

To avoid "/login" in CustomFilter, I used the code:

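        // Inside CustomFilter.doFilter(request, response, chain)
        HttpServletRequest httpRequest = (HttpServletRequest) request;
        if (httpRequest == null) {
            chain.doFilter(request, response);
            return;
        }
        // getRequestURI() returns the undecoded path, including any context path
        String requestPath = httpRequest.getRequestURI();
        if (requestPath.equals("/login")) {
            // Skip the custom logic for the login page
            chain.doFilter(request, response);
            return;
        }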

To test, after starting Spring Boot with ./mvnw spring-boot:run, you might open http://127.0.0.1:8080 in the browser and test if these paths work for you:

/api/v1/
/api/v2
/api/v2/page/3
/profile/users/alexander/page/5
/custom/users/elizabeth/page/7
/custom/long/path/users/felix/page/9
/login

In the question: "Please let me know how I can have separate rules for different urls."

I think a different SecurityFilterChain could be used for different paths.

I noticed other issues in the paths in the question.

This error below told me that this pattern of */users/{userId}/** will not be supported.

One of the patterns in [*/users/{userId}/**] is missing a leading slash. This is discouraged; please include the leading slash in all your request matcher patterns. In future versions of Spring Security, leaving out the leading slash will result in an exception.

Then, I tried /*/users/{userId}/** and the error was gone.

The latest path pattern supports ** or * at the end but not at the beginning.

In contrast to AntPathMatcher, ** is supported only at the end of a pattern. For example /pages/{**} is valid but /pages/{**}/details is not. The same applies also to the capturing variant {*spring}. The aim is to eliminate ambiguity when comparing patterns for specificity.

I think this incompatible change was designed to eliminate the ambiguity.

If you just copy the pattern in AntPathMatcher and paste this pattern in requestMatchers, the effect will not always be the same because the path patterns are interpreted differently. That means, to start improving, the paths could be improved by an example pattern /left/prefix/path/**, not /*/asterisk/path/**.

Reasons:
  • RegEx Blacklisted phrase (2.5): Please let me know how
  • Contains signature (1):
  • Long answer (-1):
  • Has code block (-0.5):
  • Low reputation (1):
Posted by: Hdvlp