From 596d2339b4366c9fdc267650a5dd10a2f34e3f37 Mon Sep 17 00:00:00 2001
From: "nightvision-pr-creator[bot]"
 <nightvision-pr-creator[bot]@users.noreply.github.com>
Date: Mon, 30 Mar 2026 15:31:50 +0000
Subject: [PATCH] fix: Security remediation for Missing authentication
 enforcement on /search

---
 src/main/java/hawk/MultiHttpSecurityConfig.java | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/main/java/hawk/MultiHttpSecurityConfig.java b/src/main/java/hawk/MultiHttpSecurityConfig.java
index 77b5d92..d3eb076 100644
--- a/src/main/java/hawk/MultiHttpSecurityConfig.java
+++ b/src/main/java/hawk/MultiHttpSecurityConfig.java
@@ -108,7 +108,9 @@ public static class BasicAuthWebSecurityConfigurerAdapter extends WebSecurityCon
         @Override
         protected void configure(HttpSecurity http) throws Exception {
             http
-                    .antMatcher("/api/basic/**")
+                    .requestMatchers()
+                        .antMatchers("/api/basic/**", "/search")
+                    .and()
                     .csrf().disable()
                     .sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                 .and()