From 573613b9f14905c805351a27fad828abac68f635 Mon Sep 17 00:00:00 2001
From: Jakub Wachowski
Date: Thu, 24 Nov 2016 10:56:36 +0100
Subject: [PATCH] Prevent unauthorized access to logs

It was possible to read logs of any project knowing only the project id.
Related Bug-Id: 13215
Change-Id: I51769cdad76083b93f4b50fa7bbbe0e07684d8d1
---
 package.json | 4 ++--
 server/mt/routing/routes/default.js | 3 +++
 2 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/package.json b/package.json
index 2db9f31..f27050c 100644
--- a/package.json
+++ b/package.json
@@ -1,7 +1,7 @@
 {
 "name": "fts-keystone",
- "version": "0.0.4",
- "description": "Keystone authentication & multitenancy support for Kibana 4.4.x",
+ "version": "0.0.5",
+ "description": "Keystone authentication & multitenancy support for Kibana 4.5.x",
 "author": "Fujitsu Enabling Software Technology GmbH",
 "license": "Apache-2.0",
 "keywords": [
diff --git a/server/mt/routing/routes/default.js b/server/mt/routing/routes/default.js
index 28a937c..df5108d 100644
--- a/server/mt/routing/routes/default.js
+++ b/server/mt/routing/routes/default.js
@@ -19,6 +19,9 @@ module.exports = function defaultHandler(server, method, path) {
 return {
 method : method,
 path : path,
+ config : {
+ auth : 'session'
+ },
 handler: {
 proxy: {
 mapUri : (request, done) => {
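Review bot: The added `config : { auth : 'session' }` in `server/mt/routing/routes/default.js` only requires that a session exists; nothing in this hunk ties the project being requested to the project that session belongs to, which is the access the commit message says was open. The `mapUri` callback starts on the last line of the hunk and its body is not shown, so confirm that it derives or checks the project against the session credentials rather than trusting an id taken from the request; otherwise an authenticated user of one project could presumably still read another project's logs. Writing the option out as `auth : { strategy : 'session', mode : 'required' }` would keep the route strict even if a server-wide auth default with a laxer mode is introduced later. A one-line comment above the block, such as `// proxied routes must carry an authenticated session (Bug 13215)`, would record why the option is there, and a regression test that requests the route without a session and expects a rejection would pin the fix.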