chore(ping-service, security): integrate centralized security module and enhance Ping-Service

- Replaced local `SecurityConfig` in `ping-service` with the shared `infrastructure:security` module.
- Added `GlobalSecurityConfig` to standardize OAuth2, JWT validation, and CORS for all services.
- Introduced new endpoints (`/ping/public`, `/ping/secure`) with role-based access control.
- Updated database schema with Flyway migration (`V1__init_ping.sql`) and refactored persistence layer to align with the standardized approach (`createdAt` field).
- Enhanced application configuration (`application.yaml`) to use shared security and Flyway settings.

backend/infrastructure/gateway/src/main/resources/application.yaml

@@ -25,7 +25,12 @@ spring:
         response-timeout: 5s
       routes:
         - id: ping-service
-          uri: http://ping-service:8080
+          # Nutze lb:// wenn Service Discovery aktiv ist, sonst http://hostname:port
+          # Da wir Consul nutzen, ist lb://ping-service besser, aber für Tracer Bullet
+          # und direkte Docker-Kommunikation ist http://ping-service:8082 sicherer,
+          # falls Consul noch nicht 100% stabil ist.
+          # Wir nutzen hier den Docker Alias und den konfigurierten Port.
+          uri: http://ping-service:8082
           predicates:
             - Path=/api/ping/**
           filters:
@@ -42,13 +47,12 @@ management:
         include: health,info,prometheus
   tracing:
     sampling:
-      probability: 1.0 # 100% der Requests tracen (für Dev/Test sinnvoll, in Prod reduzieren)
+      probability: 1.0
     propagation:
-      type: w3c # Standard W3C Trace Context (kompatibel mit OpenTelemetry)
+      type: w3c
 
-# Gateway-spezifische Einstellungen
 gateway:
   ratelimit:
-    enabled: false # Start: ausgeschaltet; zum Aktivieren default-filters plus RequestRateLimiter in YAML hinzufügen
+    enabled: false
     replenish-rate: 10
     burst-capacity: 20