It's good to hear more demands on security, as that's one big concern for commercial usage. If you are fine with the model of "open to only given group of people", you could try plugin( jetty ) and try enable authentication from there(not something out of box). But that is just some workaround. You don't have control over which REST API to be exposed. And you still can't secure you transport interface.
My 2 cents! -- You received this message because you are subscribed to the Google Groups "elasticsearch" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/CAP0hgQ39F-aXZ6nc4VyzvDFx_-PVKcNrkhjaqi19qeUOf_smzw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
