This repository has been archived by the owner on Mar 4, 2019. It is now read-only.
v1.1.0 compatible with ES 1.1.0 / security fix
fixed security problem in ip authentication.
security problem introduced in commit 53d1cf8
changes:
- remove usage of 'Host' header to identify client's ip
- the request ip is used to ip authenticate direct connected clients
- add usage of trusted proxy chain
- the trusted proxy chain is used to ip authenticate indirect connected clients
- added unit and integration tests
- updated log messages