Prevent unauthorized access to logs

It was possible to read logs of any project knowing only the project id. Related Bug-Id: 13215 Change-Id: I51769cdad76083b93f4b50fa7bbbe0e07684d8d1
2016-11-24 10:56:36 +01:00 · 2016-11-24 10:56:36 +01:00 · 573613b9f1
parent 50b53ab219
commit 573613b9f1
2 changed files with 5 additions and 2 deletions
--- a/package.json
+++ b/package.json
@ -1,7 +1,7 @@
 {
  "name":            "fts-keystone",
-  "version":         "0.0.4",
-  "description":     "Keystone authentication & multitenancy support for Kibana 4.4.x",
+  "version":         "0.0.5",
+  "description":     "Keystone authentication & multitenancy support for Kibana 4.5.x",
  "author":          "Fujitsu Enabling Software Technology GmbH",
  "license":         "Apache-2.0",
  "keywords":        [
--- a/server/mt/routing/routes/default.js
+++ b/server/mt/routing/routes/default.js
@ -19,6 +19,9 @@ module.exports = function defaultHandler(server, method, path) {
  return {
    method : method,
    path   : path,
+    config : {
+      auth : 'session'
+    },
    handler: {
      proxy: {
        mapUri     : (request, done) => {