diff --git a/infrastructure/gateway/build.gradle.kts b/infrastructure/gateway/build.gradle.kts
index f5e6f8aa..9686d5b5 100644
--- a/infrastructure/gateway/build.gradle.kts
+++ b/infrastructure/gateway/build.gradle.kts
@@ -29,7 +29,7 @@ dependencies {
     // 2. Spring Boot Security (ersetzt das "service.complete"-Bundle)
     // Dieses Bundle sollte spring-boot-starter-security, oauth2-client, oauth2-resource-server etc. enthalten
     // Temporär auskommentieren, um das Bundle als Fehlerquelle auszuschließen
-    // implementation(libs.bundles.spring.boot.security)
+     //implementation(libs.bundles.spring.boot.security)
 
     // Stattdessen die Abhängigkeiten direkt hinzufügen:
     implementation(libs.spring.boot.starter.security)
diff --git a/infrastructure/gateway/src/main/kotlin/at/mocode/infrastructure/gateway/security/SecurityConfig.kt b/infrastructure/gateway/src/main/kotlin/at/mocode/infrastructure/gateway/security/SecurityConfig.kt
index 403857fa..6a168783 100644
--- a/infrastructure/gateway/src/main/kotlin/at/mocode/infrastructure/gateway/security/SecurityConfig.kt
+++ b/infrastructure/gateway/src/main/kotlin/at/mocode/infrastructure/gateway/security/SecurityConfig.kt
@@ -6,7 +6,10 @@ import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
 import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity
 import org.springframework.security.config.web.server.ServerHttpSecurity
+import org.springframework.security.config.web.server.authenticated
 import org.springframework.security.config.web.server.invoke
+import org.springframework.security.config.web.server.pathMatchers
+import org.springframework.security.config.web.server.permitAll
 import org.springframework.security.web.server.SecurityWebFilterChain
 import org.springframework.web.cors.CorsConfiguration
 import org.springframework.web.cors.reactive.CorsConfigurationSource