changelog 31.3 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26
lemonldap-ng (1.0.2) stable; urgency=low

    * [LEMONLDAP-263] - Common::Apache::Session uses wrong serialization
      algorithm with Postgres
    * [LEMONLDAP-264] - sessions explorer is not protected by LemonLDAP
    * [LEMONLDAP-265] - authenticationLevel not honored
    * [LEMONLDAP-266] - logout_app in rules break the manager
    * [LEMONLDAP-267] - portalOpenLinkInNewWindow has no effect
    * [LEMONLDAP-268] - logout_app and logout_app_sso does not work with
      Lemonldap::NG::Handler::Proxy
    * [LEMONLDAP-269] - Reset password feature does not work with AuthChoice
    * [LEMONLDAP-270] - Safe.pm 2.27 restrict the usage of custom functions
    * [LEMONLDAP-271] - Portal configuration cache not reset after
      configuration change in Manager
    * [LEMONLDAP-272] - DBI authentication level not honored
    * [LEMONLDAP-274] - Redirection URL is not good in Handler::CGI::_uri
      function
    * [LEMONLDAP-277] - Debian packaging requires libnet-ldap-perl >=1:0.38
    * [LEMONLDAP-278] - Pb in Debian package liblemonldap-ng-conf-perl
    * [LEMONLDAP-279] - handler-apache2.conf not shipped with Debian
    * [LEMONLDAP-280] - Empty menu categories are not hidden
    * [LEMONLDAP-281] - [Debian bug #612719] Package description outdated
    * [LEMONLDAP-273] - Require jQuery 1.4+ in Debian packaging
    * [LEMONLDAP-275] - use $ENV{SCRIPT_FILENAME} instead of
      $ENV{DOCUMENT_ROOT} to referer to different htdocs directories

Xavier Guimard's avatar
Xavier Guimard committed
27 28
lemonldap-ng (1.0.1) stable; urgency=low

Xavier Guimard's avatar
Xavier Guimard committed
29 30 31 32 33 34 35
    * [LEMONLDAP-258] - Portal with $vhost in Handler does not work
    * [LEMONLDAP-261] - Session explorer does not work with LDAP backend
    * [LEMONLDAP-262] - Sessions not purged with Apache::Session::File
    * [LEMONLDAP-263] - Common::Apache::Session uses wrong serialization
      algorithm with Postgres
    * [LEMONLDAP-257] - Integrate manager access directly in portal
    * [LEMONLDAP-240] - Translation framework for doc
Xavier Guimard's avatar
Xavier Guimard committed
36

37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205
lemonldap-ng (1.0) stable; urgency=low

    * [LEMONLDAP-1] - ldapGroupAttributeNameSearch not well Serialized by
      Manager
    * [LEMONLDAP-11] - Manager is not working with jQuery 1.4
    * [LEMONLDAP-17] - reloadAuthParams function can destroy configuration
      values
    * [LEMONLDAP-45] - logout_app_sso not accepted by Manager
    * [LEMONLDAP-63] - Error when selecting a deleted session in Sessions
      Explorer
    * [LEMONLDAP-65] - Cannot set empty values in textarea in Manager
    * [LEMONLDAP-92] - Cannot change password from menu
    * [LEMONLDAP-93] - LDAP connection error on high load
    * [LEMONLDAP-99] - Special UTF-8 characters cannot be sent in HTTP-BASIC
    * [LEMONLDAP-117] - Invalid use of Safe to access APR::Table module
      (LL::NG not working on RHEL5.5)
    * [LEMONLDAP-118] - Cannot store configuration in Postgresql DB
    * [LEMONLDAP-125] - SAML request is lost in portal user interaction
      (remove other sessions for example)
    * [LEMONLDAP-127] - Can not set samlStorageOptions from Manager
    * [LEMONLDAP-128] - LemonLDAP::NG not compatible with perl-LDAP 0.4001
    * [LEMONLDAP-132] - Can't refuse SAML federation
    * [LEMONLDAP-133] - SAML sessions are displayed as "other sessions"
    * [LEMONLDAP-134] - Sessions created by AuthSAML are not displayed in
      sessions explorer
    * [LEMONLDAP-136] - Metadatas bad displayed in manager
    * [LEMONLDAP-137] - Portal value is not used to fill default values in
      Manager
    * [LEMONLDAP-138] - Password of a private key is not erased when
      generating a new key without password
    * [LEMONLDAP-142] - Sessions explorer hides password value stored in
      sessions datas
    * [LEMONLDAP-143] - Invalid message with artefact POST from SP to IDP
    * [LEMONLDAP-144] - Signature verification fail on SP side received
      artifact message
    * [LEMONLDAP-145] - Double utf-8 encoding in SOAP requests
    * [LEMONLDAP-150] - Error code: 200, SyntaxError: JSON.parse with value
      with spaces
    * [LEMONLDAP-156] - confirm parameter is not secured
    * [LEMONLDAP-161] - RelayState value given by SP is HTML reencoded
    * [LEMONLDAP-167] - Bug with trunk installed from scratch
    * [LEMONLDAP-169] - IssuerDB CAS : ticket is added 2 times in URL with a
      service URL containing parameters
    * [LEMONLDAP-170] - SAML: artifact resolution URL is not in authForce
      method
    * [LEMONLDAP-172] - Google Apps SSO not working with Lasso 2.3.2
    * [LEMONLDAP-177] - OpenID provider cache login/password information:
      cannot login after bad password
    * [LEMONLDAP-179] - OpenID provider does not honor SREG request if only
      optional attributes
    * [LEMONLDAP-182] - Pages displayed by confirm return a 500 error under
      cgi-script
    * [LEMONLDAP-187] - lmAttrOrMacro test in Manager is not suitable for
      OpenID SREG attributes
    * [LEMONLDAP-189] - Cleanup process slows down considerably the Apache
      server
    * [LEMONLDAP-190] - Display must display the menu when process() returns
      an eror but user is authenticated
    * [LEMONLDAP-198] - Cross domain does not work anymore
    * [LEMONLDAP-200] - Restore persistent session does not work if
      whatToTrace is a macro
    * [LEMONLDAP-201] - OpenID tests are not correctly skipped if no OpenID
      module
    * [LEMONLDAP-202] - searchOn no working with SAML and
      Apache::Session::File
    * [LEMONLDAP-207] - Confirm stamp is not used everywhere in SAML IDP
      selection
    * [LEMONLDAP-214] - Auth choice is not working with several authentication
      forms
    * [LEMONLDAP-215] - DBI authentication not working with prepared
      statements
    * [LEMONLDAP-216] - getLocalConf called without 2nd argument
    * [LEMONLDAP-223] - Offline doc css referer to unexistant directory /lib/
    * [LEMONLDAP-224] - Manager window size is bigger than screen
    * [LEMONLDAP-228] - Apache::Session::Browseable searchOn functions broken
      by new Apache::Session wrapper
    * [LEMONLDAP-229] - Multi not useable on Manager
    * [LEMONLDAP-230] - SOAP config backend broken
    * [LEMONLDAP-232] - Cannot configure several LDAP servers in Manager
    * [LEMONLDAP-233] - Debian manager broken with jquery-ui 1.8.6
    * [LEMONLDAP-235] - Session creation test in Manager does not work with
      SOAP session backend
    * [LEMONLDAP-237] - Single logout broken by AuthChoice
    * [LEMONLDAP-239] - key type of portalDisplayAppList must be boolean
    * [LEMONLDAP-242] - CAS proxy ticket is always asked with CAS
      authentication
    * [LEMONLDAP-16] - Use parameterized statements in DBI to prevent SQL
      injection
    * [LEMONLDAP-58] - Catch ENV variables to fill session for all UserDB
      modules
    * [LEMONLDAP-97] - Add configuration parameters for private keys passwords
    * [LEMONLDAP-103] - String encoding in sessions
    * [LEMONLDAP-120] - Force UTF-8 in File backend
    * [LEMONLDAP-130] - Create a "reload" vhost independant from test
      applications
    * [LEMONLDAP-131] - SAML documentation
    * [LEMONLDAP-147] - Add an activation parameter for each IssuerDB
    * [LEMONLDAP-148] - Register SSO session_id in SAML sessions
    * [LEMONLDAP-149] - Add auhtForce, authFinish and authLogout methods in
      all authentication modules
    * [LEMONLDAP-152] - Configure authenticationLevel for authentication
      backends
    * [LEMONLDAP-154] - Work on session manager eyecandy
    * [LEMONLDAP-157] - Warning messages in make test
    * [LEMONLDAP-160] - Display lib for portal
    * [LEMONLDAP-168] - Delete local session when logout URL is cached
    * [LEMONLDAP-178] - Use same Apache conf files for default and Debian
      install
    * [LEMONLDAP-180] - Explain messages displayed in error.log (except debug)
    * [LEMONLDAP-181] - Manager must warn when portal is not in "domain"
    * [LEMONLDAP-186] - CAS Issuer parameters in Manager
    * [LEMONLDAP-188] - Use autoloader to reduce handler size
    * [LEMONLDAP-191] - Use persistent storage for SAML persistent NameID
    * [LEMONLDAP-194] - Delete AuthLA
    * [LEMONLDAP-195] - Anti-frame
    * [LEMONLDAP-196] - Remove .sql files for Conf::DBI
    * [LEMONLDAP-199] - Require Lasso 2.3.0 for SAML
    * [LEMONLDAP-204] - abort() instead of die in handlers
    * [LEMONLDAP-211] - Debian : use packaged jquery-ui
    * [LEMONLDAP-212] - Use jquery-ui style popup to display errors and upload
      result
    * [LEMONLDAP-213] - Network errors are not catched by "error" target oj
      jQuery.ajax() function
    * [LEMONLDAP-218] - Upgrade to jquery-ui 1.8 and use dialog for Manager
      popup
    * [LEMONLDAP-221] - Allow to set a custom portal skin from Manager
    * [LEMONLDAP-225] - /favicon.ico is missing for new web site
    * [LEMONLDAP-234] - Tree style image transparency problem with obsur theme
    * [LEMONLDAP-5] - Configure use of HTTPS and redirection port per virtual
      host
    * [LEMONLDAP-6] - Change 403 error into 302 error for ungranted access
    * [LEMONLDAP-12] - Zimbra authentication
    * [LEMONLDAP-18] - [SAML] Common domain cookie support
    * [LEMONLDAP-19] - Select authentication module on authentication portal
    * [LEMONLDAP-22] - Session explorer should use the new Manager elements
      (i18n, templates, etc.)
    * [LEMONLDAP-25] - Provide authorized application trough SOAP
    * [LEMONLDAP-27] - OpenID provider
    * [LEMONLDAP-28] - Read user information from OpenID provider
    * [LEMONLDAP-29] - Improve application menu configuration
    * [LEMONLDAP-57] - Local Handler macros
    * [LEMONLDAP-101] - CAS Provider (IssuerDBCAS)
    * [LEMONLDAP-102] - IssuerDB contextual selection
    * [LEMONLDAP-121] - Fake SLO process for standard applications
    * [LEMONLDAP-123] - Store Lasso Identity Dump in UserDB
    * [LEMONLDAP-129] - LDAP timeout configuration
    * [LEMONLDAP-135] - Propagate domain change to all keys
    * [LEMONLDAP-139] - Use default values for SAML URL if they are not
      defined in configuration
    * [LEMONLDAP-141] - Disable timer on IDP list
    * [LEMONLDAP-146] - Request PGT in AuthCAS
    * [LEMONLDAP-159] - Manage comment in rule regexp
    * [LEMONLDAP-174] - Configure auto POST in Manager
    * [LEMONLDAP-210] - Ajax request in menu to check if session is always
      available
    * [LEMONLDAP-4] - Documentation for POST Handler functionnality
    * [LEMONLDAP-7] - Doxygen Portal/MailReset.pm
    * [LEMONLDAP-13] - Check that authLogout is well managed in AuthMulti
    * [LEMONLDAP-30] - [SAML] Unit tests
    * [LEMONLDAP-162] - Replace help system by offline doc
    * [LEMONLDAP-171] - Documentation for version 1.0 on new wiki
    * [LEMONLDAP-192] - Use the new wiki to generate offline documentation
    * [LEMONLDAP-206] - Upgrade spec file to build RPMs for 1.00
    * [LEMONLDAP-209] - Update copyright and URLs in PODs
    * [LEMONLDAP-231] - Tidy Manager skin directory
    * [LEMONLDAP-164] - Trusted domains for OpenID
    * [LEMONLDAP-165] - Manage extensions in is_trusted hook
    * [LEMONLDAP-166] - Create a storage for agreements

206 207
lemonldap-ng (1.0rc2) unstable; urgency=low

Xavier Guimard's avatar
Xavier Guimard committed
208
    * Debian policy 3.9.1
209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308
    * [LEMONLDAP-20] - Parameter remoteCookieName is not available in
        Manager
    * [LEMONLDAP-21] - Special characters from SAML attribute statement are
      not well encoded
    * [LEMONLDAP-41] - Lasso CRITICAL error in AuthSAML logout process
    * [LEMONLDAP-42] - [SAML][SP] Attrubtes sent trought IDP initiated SSO are
      not registered into session
    * [LEMONLDAP-43] - [SAML][SP] IDP should not be read from IDP cookie, but
      from SAML request or response
    * [LEMONLDAP-50] - [SAML][SP] OneTimeUse flag should not reduce session
      duration
    * [LEMONLDAP-53] - [SAML][IDP] sendLogoutResponseAfterLogoutRequest method
      does not exists
    * [LEMONLDAP-54] - Handler parameters (https, port, etc.) are not taken
      into account if only defined in Manager, and not in ini file
    * [LEMONLDAP-62] - [SAML] samldate2timestamp is not returning correct
      timestamp
    * [LEMONLDAP-64] - SLO error with simpleSAMLphp
    * [LEMONLDAP-68] - Failed to load signing key for
      http://urlIDP/saml/metadata
    * [LEMONLDAP-69] - domain cannot contain "-" in Manager
    * [LEMONLDAP-71] - samlIDPSSODescriptorArtifactResolutionServiceArtifact
      wrong binding in Manager
    * [LEMONLDAP-72] - [SAML] UTF-8 encoded attributes are reencoded
    * [LEMONLDAP-73] - [SAML] Initial URL is not kept when IDP is choosen in
      AuthSAML
    * [LEMONLDAP-74] - [error] Unable to open relaystate session
    * [LEMONLDAP-75] - SSO HTTP-POST profile not declared in IDP metadata
    * [LEMONLDAP-76] - [SAML] SOAP SLO denied on IDP
    * [LEMONLDAP-77] - Error when no SessionNotOnOrAfter value in authn
      statement
    * [LEMONLDAP-78] - Request Denied on SOAP SLO request on IDP
    * [LEMONLDAP-79] - Mandatory attributes are not requested
    * [LEMONLDAP-81] - SessionNotOnOrAfter should be set explicitely
    * [LEMONLDAP-82] - CDA always use secured cookie even if requested site is
      a http one
    * [LEMONLDAP-100] - Secondary SAML session should be destroyed when
      primary session is deleted
    * [LEMONLDAP-105] - Error on SLO request for already closed session
    * [LEMONLDAP-109] - Do not send AttributeStatement when no attribute
      should be sent
    * [LEMONLDAP-112] - Handler/AuthBasic does not use local cache
    * [LEMONLDAP-113] - Lemonldap::NG is not compatible with the use of a LDAP
      server using a different encoding than UTF-8 for storing passwords
    * [LEMONLDAP-114] - Bad usage of Apache::Session::searchOn() on portal
    * [LEMONLDAP-115] - In info page, when clicking on "Continue", we are not
      redirected to urldc
    * [LEMONLDAP-119] - Special UTF-8 characters raise error in metadata
    * [LEMONLDAP-122] - Secondary SAML session are not deleted on local IDP
      logout
    * [LEMONLDAP-124] - Stop info/confirm timer at 0
    * [LEMONLDAP-37] - [SAML] Proxy restriction should include all known IDP,
      and not only target IDP
    * [LEMONLDAP-44] - [SAML][SP] IDP list when unknown IDP in IDP cookie
    * [LEMONLDAP-46] - [logout] verify referer into logout process
    * [LEMONLDAP-47] - [SAML] RequestedAuthnContext should always be
      translated into authenticationLevel
    * [LEMONLDAP-51] - [SAML][IDP] SAML sessionIndex value should be a crypted
      value of LL::NG session_id
    * [LEMONLDAP-55] - Distribute SympaAutoLogin Handler
    * [LEMONLDAP-70] - Do not throw error if no SP or no IDP configured
    * [LEMONLDAP-80] - POST fields should be hidden
    * [LEMONLDAP-87] - Attribute format selection in Manager
    * [LEMONLDAP-89] - Security keys in service metadata
    * [LEMONLDAP-90] - Group IDP and SP options
    * [LEMONLDAP-91] - SOAP configuration parameter is not needed in SAML
    * [LEMONLDAP-98] - Add option to disable SAML conditions checks
    * [LEMONLDAP-104] - Store entities metadata in raw format
    * [LEMONLDAP-106] - Display OK or ERROR icons on HTTP REDIRECT and HTTP
      POST SLO iframes
    * [LEMONLDAP-107] - Manage asynchronous SLO request on closed SSO session
      (SAML IDP)
    * [LEMONLDAP-126] - Put SAML parameters in Manager
    * [LEMONLDAP-2] - [SAML] Attribute authority
    * [LEMONLDAP-10] - [SAML] Manage certificate in service metadata
    * [LEMONLDAP-31] - [SAML] Proxy IDP
    * [LEMONLDAP-32] - [SAML] Manage Artifact methods for SAML messages
      emission in SP
    * [LEMONLDAP-33] - [SAML] Check "Destination" attribute
    * [LEMONLDAP-35] - [SAML] Manage SLO trough SOAP
    * [LEMONLDAP-36] - [SAML] Check dates and other conditions in SLO requests
    * [LEMONLDAP-40] - [SAML] Dedicated portal errors code for SAML errors
    * [LEMONLDAP-49] - [SAML][IDP] Manage encrypted NameID
    * [LEMONLDAP-52] - IssuerDB activation rule
    * [LEMONLDAP-56] - [SAML][IDP] SLO trough HTTP-POST
    * [LEMONLDAP-66] - [SAMl][IDP] Options to check message signatures
    * [LEMONLDAP-67] - [SAML][IDP] Map NameID Format to local session keys
    * [LEMONLDAP-86] - Do not parse metadata on each authentication
    * [LEMONLDAP-88] - Better signature management
    * [LEMONLDAP-108] - NameID unspecified format should use the default
      NameID format
    * [LEMONLDAP-110] - Store SAML token in session
    * [LEMONLDAP-111] - Build SLO response request with other SLO request
      status
    * [LEMONLDAP-116] - Allow metadata edition in Manager
    * [LEMONLDAP-3] - [SAML] Attribute authority declaration in metadata
    * [LEMONLDAP-83] - Set NameID in attribute request
    * [LEMONLDAP-84] - Check format and friendly name of requested attribute
    * [LEMONLDAP-85] - Check requested attribute values
    * [LEMONLDAP-96] - Add encryptionkey in Attribute Authority metadata
309
    * Upgrade to JQuery-1.4.2
310

311
lemonldap-ng (1.0rc1) unstable; urgency=low
Xavier Guimard's avatar
Xavier Guimard committed
312

Xavier Guimard's avatar
Xavier Guimard committed
313
  * Little Debian changes (see 0.9.4.1-2 Debian changelog)
314
  * AuthCAS: URL redirection and module load test
Xavier Guimard's avatar
Xavier Guimard committed
315 316 317 318 319 320
  * Change multiple configuration files into lemonldap-ng.ini
  * New manager
  * New conf storage modules : CDBI and RDBI
  * DBI conf storage module is deprecated
  * convertConfig and lmMigrateConfFiles2ini tools
  * childInit() is called only 1 time
321
  * Update JQuery to 1.3 and JQueri-UI 1.7.2 (Closes: #314394)
Xavier Guimard's avatar
Xavier Guimard committed
322 323 324 325
  * New authentication and userDB modules :
    - DBI
    - Proxy
    - Env (UserDB only)
326
    - SAML
Clément OUDOT's avatar
Clément OUDOT committed
327 328
    - OpenID
    - Twitter
Xavier Guimard's avatar
Xavier Guimard committed
329 330
  * Portal index.pl use lemonldap-ng.ini to get parameters
  * CSS and Javascript minification capability
331
  * Apache configuration splitted into portal/manager/handler
332
  * XML Menu is deprecated
Clément OUDOT's avatar
Clément OUDOT committed
333
  * LDAP: recursive groups
334 335 336
  * unprotect target in rules
  * Force authentication parameter
  * Store in user session Auth/UserDB/PasswordDB/IssuerDB used module
Clément OUDOT's avatar
Clément OUDOT committed
337
  * Use a confirmation token and HTML templates for password reset by mail
338 339 340 341 342
  * SOAP: isAuthorizedUri Web Service
  * Confirm and Info stages in Portal
  * Possibility to define a rule to grant session
  * Configuration parameters for portal customization (skin, ...)
  * Possibility to set cookie expiration
Clément OUDOT's avatar
Clément OUDOT committed
343 344 345
  * LDAP: option to modify password as user
  * Correct bugs in Handler::Proxy
  * New portal skin: impact
Xavier Guimard's avatar
Xavier Guimard committed
346

Clément OUDOT's avatar
Clément OUDOT committed
347
 -- Xavier Guimard <x.guimard@free.fr>  Wed, 24 Mar 2010 23:00:00 +0100
Xavier Guimard's avatar
Xavier Guimard committed
348 349 350 351 352 353 354 355 356

lemonldap-ng (0.9.4.1) unstable; urgency=low

  * Safe jail update
  * Many little bugs in Handler/CGI.pm
  * Apache::Session::LDAP was not usable with session explorer
  * syslog facility was not taken in account in Common/CGI.pm
  * require failed in _Multi.pm
  * doc update
357
  * russian debconf translation (Closes: #550552 / bugs.debian.org)
Xavier Guimard's avatar
Xavier Guimard committed
358 359

 -- Xavier Guimard <x.guimard@free.fr>  Sun, 11 Oct 2009 09:36:35 +0200
Xavier Guimard's avatar
Xavier Guimard committed
360

361 362
lemonldap-ng (0.9.4) unstable; urgency=low

Xavier Guimard's avatar
Xavier Guimard committed
363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393
  * Bugs :
    - ldap+tls uri was not working (Closes: #312418)
    - Session timeout is in seconds and not in minutes in Manager/Help.pm
      (Closes: #312339)
    - Missing dependency in Debian package (Closes: #521959 / bugs.debian.org)
  * Logs :
    - CGI's log subroutine : now if a CGI runs under ModPerl::Registry, it
      stores it's log using Apache2::Log
    - handler logs written in PerlLogHandler
  * SOAP :
    - New SOAP architecture : the portal serves now all webservices and the
      security is based on Apache system (different locations)
    - WSDL generation
  * New features :
    - LDAP backend for configuration and sessions storage
    - portal can be a Perl expression in handlers
    - POST requests generation in handler (used to post login/password in non
      compatible applications)
    - Sympa auto login handler
    - New auth and userDB modules for the portal : Multi, Remote, Null (for
      UserDB only)
    - New module system for passwords
    - Notification system
    - Double session mechanism (1 secured and the other not)
    - New fonctions for rules (stored in
      lemonldap-ng-common/lib/Lemonldap/NG/Common/Safelib.pm) :
       * checkLogonHours
       * checkDate
  * Other :
    - Pre-compilation in Apache's configuration files
    - Cross-domain now included in core
394
    - handler AuthBasic now uses SOAP
Xavier Guimard's avatar
Xavier Guimard committed
395 396

 -- Xavier Guimard <x.guimard@free.fr>  Mon, 29 Jun 2009 10:28:09 +0200
Xavier Guimard's avatar
Xavier Guimard committed
397 398 399 400 401 402 403 404 405 406 407 408 409 410

lemonldap-ng (0.9.3.4) unstable; urgency=low

  * Security bug fix (macros and groups can be evaluated for an other user in
    multi-thread environment). Closes: #312627
  * XSS filter can now accept URL with a port. Closes: #312625

 -- Xavier Guimard <x.guimard@free.fr>  Thu, 05 Feb 2009 16:12:55 +0100

lemonldap-ng (0.9.3.3) unstable; urgency=low

  * ldap+tls uri was not working (Closes: #312418)
  * Session timeout is in seconds and not in minutes in Manager/Help.pm
    (Closes: #312339)
411 412 413

 -- Xavier Guimard <x.guimard@free.fr>  Thu, 22 Jan 2009 11:00:10 +0100

414 415 416 417 418 419
lemonldap-ng (0.9.3.2) unstable; urgency=low

  * Debian install failed (Closes: #510562, Closes: #510563 / bugs.debian.org)

 -- Xavier Guimard <x.guimard@free.fr>  Sat, 03 Jan 2009 09:47:21 +0100

420 421 422 423 424 425
lemonldap-ng (0.9.3.1) unstable; urgency=low

  * Bug in Debian build

 -- Xavier Guimard <x.guimard@free.fr>  Wed, 31 Dec 2008 14:16:06 +0100

426 427
lemonldap-ng (0.9.3) unstable; urgency=low

428 429 430
  [ Security ]
  * XSS protection

431
  [ Clement Oudot ]
432
  * New menu and skin (pastel). Menu calculates rights before displaying URL
433 434

  [ Xavier Guimard ]
435
  * Authentication and UserDB separation
436
  * New session explorer system
437 438 439 440 441 442
  * Backport of debian storage.conf file to normal installation
  * Errors are now displayed in the browser for portal and manager
  * Custom functions for rules, macros, headers and groups
  * Manager protection
  * New configuration access with local cache system
  * AuthBasic handler
443 444 445
  * MRTG scripts to read LmNG status
  * UserDB mechanism : LDAP is not required now
  * Portal SOAP functions
446

447
 -- Xavier Guimard <x.guimard@free.fr>  Wed, 31 Dec 2008 11:55:57 +0100
448

449 450 451 452 453 454
lemonldap-ng (0.9.2.2) unstable; urgency=low

  * Bug in default rule (Closes: #310938)

 -- Xavier Guimard <x.guimard@free.fr>  Mon, 25 Aug 2008 22:08:58 +0200

455 456 457 458 459 460
lemonldap-ng (0.9.2.1) unstable; urgency=low

  * New documentation page on advanced access rules

 -- Xavier Guimard <x.guimard@free.fr>  Fri, 04 Jul 2008 11:54:57 +0200

461 462 463 464
lemonldap-ng (0.9.2) unstable; urgency=low

  * New css in manager
  * cleaning Handler code
465 466
  * Status system for Lemonldap::NG::Handler and for the portal
  * Debian Czech translation for debconf (Closes: #483301 / bugs.debian.org)
467
  * Debian Swedish translation for debconf (Closes: #487713 / bugs.debian.org)
468 469 470 471 472 473 474 475
  * Romanian translation for portal
  * Distinct Liberty-Alliance SP installation
  * Password policy included now
  * Bugs in redirections
  * Perl 5.10 check-in
  * More tests in "test" target
  * Bug in purgeCentralCache (DBI only): datas where never purged

476
 -- Xavier Guimard <x.guimard@free.fr>  Tue, 24 Jun 2008 15:07:04 +0200
477

478 479 480 481 482 483 484 485 486 487 488 489
lemonldap-ng (0.9.1) unstable; urgency=low

  * logout bug : logout_sso target was not running (Closes: #308856)
  * javascript update : the manager was not running with MSIE7 (Closes:
    #308775)
  * Debian corrections issued from lintian (full)
  * 2 Net::LDAP password policy controls in the portal:
    - account locked
    - password expired

 -- Xavier Guimard <x.guimard@free.fr>  Mon, 07 Apr 2008 11:13:06 +0200

490 491 492 493
lemonldap-ng (0.9) unstable; urgency=low

  * Liberty Alliance module issued of the FederID project is now included.

494
 -- Xavier Guimard <x.guimard@free.fr>  Mon, 25 Feb 2008 15:05:08 +0100
495

496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512
lemonldap-ng (0.8.3.2) unstable; urgency=low

  * purgeCentralCache was not correctly installed in Debian (Closes: #461572 /
    bugs.debian.org)
  * debconf translation for german and portuguese (Closes: #451820 and #462807
    bugs.debian.org)
  * HTML documentation update
  * Option +ExecCGI was missing in
    lemonldap-ng-handler/example/lmH-apache2.conf (Closes: #307891)
  * Local overload was not taken in account in handlers
  * Sessions could not be stored in SOAPServer (Closes: #308181)
  * Attributes could not be deleted in SOAP session client (Closes: #308214)
  * Sessions timeout can now be managed by the Manager
  * AuthSSL doesn't work without SSLvar parameter

 -- Xavier Guimard <x.guimard@free.fr>  Fri, 08 Feb 2008 17:27:15 +0100

513 514 515 516 517 518
lemonldap-ng (0.8.3.1) unstable; urgency=low

  * New feature: LDAP groups are now available in $groups

 -- Xavier Guimard <x.guimard@free.fr>  Wed, 07 Nov 2007 16:41:07 +0100

519
lemonldap-ng (0.8.3) unstable; urgency=high
520 521

  * Syntax errors in configuration are now displayed
522
  * Security fix: authentication could be replayed with another uid
523
  * Debian package uses po-debconf
524 525
  * TLS is now supported in LDAP connections (thanks to Baptiste Grenier)
  * New logout system: logout urls can be now intercepted in Manager
526
  * Documentation
527

528
 -- Xavier Guimard <x.guimard@free.fr>  Fri, 07 Sep 2007 07:14:35 +0200
529

530 531 532 533
lemonldap-ng (0.8.2.4) unstable; urgency=low

  * Bug in manager javascript.

534
 -- Xavier Guimard <x.guimard@free.fr>  Tue, 19 Jun 2007 22:25:10 +0200
535

536 537 538 539
lemonldap-ng (0.8.2.3) unstable; urgency=low

  * Change configuration storage format (Storable bug).
    Closes: #307173/objectweb.org
540 541
  * CDA little bug correction
  * Documentation update
542

543
 -- Xavier Guimard <x.guimard@free.fr>  Wed, 13 Jun 2007 15:33:56 +0200
544

545 546 547 548
lemonldap-ng (0.8.2.2) unstable; urgency=low

  * Debian packages modifications due to Lintian control.
  * New Debian package: lemonldap-ng-doc
549
  * Little bug correction in Portal/CDA.pm
550 551 552
  * Bug between Handler dependencies and Debian organization:
    Lemonldap::NG::Handler::SharedConf must not depend from
    Lemonldap::NG::Manager but Lemonldap::NG::Manager::Conf
553

554
 -- Xavier Guimard <x.guimard@free.fr>  Tue, 01 June 2007 07:18:43 +0200
555

556 557 558 559
lemonldap-ng (0.8.2.1) unstable; urgency=low

  * More documentation
  * Virtual host names control
560
  * Portal can now use more than one LDAP server
561

562
 -- Xavier Guimard <x.guimard@free.fr>  Mon, 14 May 2007 07:14:10 +0200
563

564
lemonldap-ng (0.8.2) unstable; urgency=low
565 566 567

  * Little bug fix if whatToTrace parameter is not defined and display it in
    Manager interface
568
  * New: port is now checked in portal redirection
569 570
  * Different configurations can now be used on the same server at the same
    time
571
  * Help in english
572 573 574
  * New debian structure: lemonldap-ng is splitted in 5 packages, default
    configuration file has moved to /var/lib/lemonldap-ng/conf/ and first
    configuration file is managed by debconf
575 576
  * Buttons to manage configurations in manager (next, previous, last,
    delete). Closes: #306566 / forge.lemonldap.org.
577 578
  * SOAP: HTTP basic authentication and little bug correction in 'sessions'
    mode
579

580
 -- Xavier Guimard <x.guimard@free.fr>  Mon, 07 May 2007 19:06:52 +0200
581 582 583 584 585 586 587

lemonldap-ng (0.8.1.1) unstable; urgency=low

  * Little bug fix in test

 -- Xavier Guimard <x.guimard@free.fr>  Fri, 20 Apr 2007 08:57:40 +0200

588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750
lemonldap-ng (0.8.1) unstable; urgency=low

  * New features :
    - Logout system
    - Configuration check before saving in Manager

 -- Xavier Guimard <x.guimard@free.fr>  Sun, 15 Apr 2007 19:18:29 +0200

lemonldap-ng (0.8.0.7) unstable; urgency=low

  * Bug fix in manager javascript (Closes: #306776 ?)
  * Display bug fix in manager

 -- Xavier Guimard <x.guimard@free.fr>  Sun, 15 Apr 2007 13:21:43 +0200

lemonldap-ng (0.8.0.6) unstable; urgency=low

  * Little bug fix in unprotect function
  * Bug fix in authentication scheme different than default

 -- Xavier Guimard <x.guimard@free.fr>  Thu, 12 Apr 2007 07:03:51 +0200

lemonldap-ng (0.8.0.5) unstable; urgency=low

  * i18n bug: Lemonldap::NG works does not fall in english but creates a bug

 -- Xavier Guimard <x.guimard@free.fr>  Wed, 28 Mar 2007 21:26:16 +0200

lemonldap-ng (0.8.0.4) unstable; urgency=low

  * Multi-valued attributes in HTTP headers (Closes: #306792 /
    forge.objectweb.org)
  * Warning in Manager/Conf.pm: the same type of storage has to be used for
    all Lemonldap::NG parts in a same server.
  * Apache-1.3 configuration reload (Closes: #306761 / forge.objectweb.org)

 -- Xavier Guimard <x.guimard@free.fr>  Thu, 22 Mar 2007 22:42:23 +0100

lemonldap-ng (0.8.0.3) unstable; urgency=low

  * New feature in Manager : "Delete VHost" button (Closes: #306761)
  * Typo correction in Makefile : (Closes: #306775)
  * Correction of build-depends : (Closes: #306773)
  * Bug correction : existingSessions was not called in Portal.pm

 -- Xavier Guimard <x.guimard@free.fr>  Tue, 13 Mar 2007 07:55:42 +0100

lemonldap-ng (0.8.0.2) unstable; urgency=low

  * Bug correction: lock doesn't work with File.pm (Closes: #306760 /
    forge.objectweb.org)

 -- Xavier Guimard <x.guimard@free.fr>  Sun, 11 Mar 2007 21:08:38 +0100

lemonldap-ng (0.8.0.1) unstable; urgency=medium

  * Closes: #306756 / forge.objectweb.org

 -- Xavier Guimard <x.guimard@free.fr>  Fri,  10 Mar 2007 08:49:01 +0100

lemonldap-ng (0.8) unstable; urgency=low

  * Release 0.8:
    - corrects differents little bugs issued from test in real life.
    - on line documentation in english

 -- Xavier Guimard <x.guimard@free.fr>  Fri,  9 Mar 2007 20:29:01 +0100

lemonldap-ng (0.7b12) unstable; urgency=low

  * New features:
    - session access via SOAP
    - authentication via CAS
    - 'apply changes' button in Manager used to reload configuration in
      handlers (by calling reload sub via HTTP) (Closes: #306565 /
      forge.objectweb.org)
    - i18n module in portal (for displaying errors)
    - lock in DBI configuration system (NOT YET TESTED)

 -- Xavier Guimard <x.guimard@free.fr>  Sun,  4 Mar 2007 15:50:38 +0100

lemonldap-ng (0.7b11) unstable; urgency=low

  * New features:
    - Cross Domain Authentication
    - SOAP configuration access
    - READMEs and documentation update 

 -- Xavier Guimard <x.guimard@free.fr>  Tue, 27 Feb 2007 15:01:09 +0100

lemonldap-ng (0.7b10) unstable; urgency=low

  * Corrections in Manager issued from the first test in real life:
    - Close #306573 / forge.objectweb.org
    - Close #306574 / forge.objectweb.org

 -- Xavier Guimard <x.guimard@free.fr>  Wed, 17 Jan 2007 20:57:33 +0100

lemonldap-ng (0.7b9) unstable; urgency=low

  * Internationalization of javascripts (close #306564 / forge.objectweb.org)
  * Help in "General Parameters"

 -- Xavier Guimard <x.guimard@free.fr>  Sun, 14 Jan 2007 21:50:39 +0100

lemonldap-ng (0.7b8) unstable; urgency=low

  * Correction of the use of Safe in portal: &share doesn't work with a
    variable declared with my.
  * New system in the configuration: 'macro' section can be used to add
    custom exported variables. So configuration is more simple in heavy case.

 -- Xavier Guimard <x.guimard@free.fr>  Sat, 13 Jan 2007 20:19:19 +0100

lemonldap-ng (0.7b7) unstable; urgency=low

  * Correction of a bug in internal redirections: now internal
    redirections are not examined: for example,http://test.example.com/ is
    internaly redirected to /index.pl, but only the first request (/) is
    tested.
  * Help in french

 -- Xavier Guimard <x.guimard@free.fr>  Fri,  5 Jan 2007 18:22:32 +0100

lemonldap-ng (0.7b6) unstable; urgency=low

  * Help system skeleton

 -- Xavier Guimard <x.guimard@free.fr>  Thu,  4 Jan 2007 09:04:05 +0100

lemonldap-ng (0.7b5) unstable; urgency=low

  * Localization in Manager interface (only fr and en)

 -- Xavier Guimard <x.guimard@free.fr>  Sun, 31 Dec 2006 16:39:06 +0100

lemonldap-ng (0.7b4) unstable; urgency=low

  * Safe jail runs now
  * example runs now

 -- Xavier Guimard <x.guimard@free.fr>  Sun, 31 Dec 2006 14:00:08 +0100

lemonldap-ng (0.7b3) unstable; urgency=low

  * Replacement of eval by Safe for external expressions

 -- Xavier Guimard <x.guimard@free.fr>  Sat, 30 Dec 2006 22:23:22 +0100

lemonldap-ng (0.7b) unstable; urgency=low

  * Corrections in example
  * Example installation in debian
  * Revision in documentation

 -- Xavier Guimard <x.guimard@free.fr>  Sun, 17 Dec 2006 18:37:39 +0100

lemonldap-ng (0.6) unstable; urgency=low

  * Initial release built starting from the three modules of the CPAN.

 -- Xavier Guimard <x.guimard@free.fr>  Sun, 17 Dec 2006 17:46:47 +0100