File: ChangeLog

package info (click to toggle)
rt-authen-externalauth 0.10-4
  • links: PTS
  • area: main
  • in suites: wheezy
  • size: 440 kB
  • sloc: perl: 3,299; sh: 21; makefile: 17
file content (359 lines) | stat: -rw-r--r-- 11,425 bytes parent folder | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
0.10 2012-02-17  Thomas Sibley
	* Silence confusing log messages when $ExternalInfoPriority is empty

0.09_03 2012-01-27	Thomas Sibley
	* Fetch the necessary attributes when group_attr_value is used
	* Test escaping of commas during the group check

0.09_02 2012-01-26	Thomas Sibley
	* Improved logging inside the LDAP group membership check

0.09_01 2012-01-23	Thomas Sibley
	* Improved logic when dealing with Disabled/disabling users
	* Configurable group membership attribute values
	* Group membership tests

0.09 2011-05-06 Kevin Falcone
	* compatibility fixes for 3.8.10 and 4.0.0
	* author testsuite
	* updated README

v0.08_01 2011-02-18 Kevin Falcone
	* Testing prerelase for 0.09, since 0.09_01 never made it to CPAN
	* Upgrade Module::Install
	* Remove and then replace a requires('RT') since Module::Install::RTx now
	  handles that
	* Fix the features/recommends to work with modern MI
	* Use CSS to hide password box for ExternalAuth users so they don't think
	  they can change their password via RT
	* Fix for 3.8.9/4.0.0 to work with new Login infrastructure


NEVER RELEASED v0.09_01  2009-03-28    Mike Peachey <zordrak@cpan.org>

    * Makefile.PL
    
        Removed RT requirement since most RT installs are not done
        via CPAN and therefore CPAN installation fails dependency
        checking.
        
    * ChangeLog
    
        Added entry for v0.09_01
        
        
v0.08     2009-01-24    Mike Peachey <zordrak@cpan.org>

    * lib/RT/Authen/ExternalAuth.pm

        Version updated to 0.08

    * ChangeLog

        Added entry for v0.08

    * etc/RT_SiteConfig.pm

        Added ssl_version to example LDAP config as it is used by
        the code, but had not been demonstrated.

        s/Crypt::MD5::md5_hex/Digest::MD5::md5_hex/ in example DBI
        config.

        Added the ability to provide a static salt to the p_enc_sub
        however this behavious may be reviewed in future releases
        to allow integration with better encryption methods.

        s/userSupportAccess/disabled/ in example DBI config.

    * html/Callbacks/ExternalAuth/autohandler/Auth

        Modified the log message regarding the RT-3.8.[01] plugin
        bug from error level to debug level and modified the text
        of the message to be more clear for RT-3.8.2+ users.


v0.08_01  2009-01-20    Mike Peachey <zordrak@cpan.org>
    
    * ChangeLog
        
        Added entry for v0.08_01

        Tabs-to-spaces conversion made where needed.

    * lib/RT/Authen/ExternalAuth.pm
        
        Version updated to 0.08_01
        
        DoAuth method created to inherit the work that used to be
        performed by the Auth callback for autohandler.

        GetAuth reduced to an interface. Its purpose is now just to
        check what type of service was passed and then call the
        GetAuth method from the right package.

        Authentication now halts and returns with error if
        ExternalAuthPriority is not set. This prevents a fairly
        useless compile error and logs an explanation instead.

	Information lookup is now bypassed and logged if
        ExternalInfoPriority is not set, preventing another useless
        compile error and replacing it with an explanation.

        SSO Cookie authentication now available following the
        integration of RT::Authen::CookieAuth. Methods updated
        to reflect the availability of this service.

    * lib/RT/Authen/ExternalAuth/DBI/Cookie.pm

        File added to house the cookie grab. While SSO cookies are
        a function of DBI authentication (at the moment at least)
        there is no need for DBI.pm to use CGI::Cookie for this one
        purpose. With the future possibility of futher cookie
        functions as well, I decided it deserved its own module.

    * lib/RT/Authen/ExternalAuth/LDAP.pm

        Changed an unless($base) to unless(defined($base)) to allow
        for the use of a defined, but empty, baseDN so that an LDAP
        directory may be searched from the root.

    * etc/RT_SiteConfig.pm

        CookieAuth settings have been merged into the ExternalAuth
	settings hash. Example from CookieAuth has been merged in.

        'auth' and 'info' settings have been deprecated and so have
        been removed from the examples. The function they served has
        been replaced by the ExternalAuthPriority and
        ExternalInfoPriority variables.

    * lib/RT/Authen/User_Vendor.pm

        The override for the IsPassword method has been deprecated
        and deleted. It is no longer necessary to do password tests
        as a call to the User object. The equivalent function is
        now provided by GetAuth in ExternalAuth.pm and is called
        with an ExternalAuth service name, username and password.
        Currently, this only needs to be called by DoAuth in
        ExternalAuth.pm

        While RT::Authen::ExternalAuth used to be used to integrate
        internal RT authentication with an external method as a single
        operation, this causes a lack of modularity. Now ExternalAuth
        is only concerned with its own authentication methods and if
        they fail then RT will decide to do fallback to internal
        authentication on its own.

    * html/Callbacks/ExternalAuth/autohandler/Auth

        Workaround for RT versions 3.8.0 and 3.8.1 removed.
        RT::Authen::ExternalAuth v0.08 will be officially compatible
        only with versions 3.8.2 and up.

        All functionality has been replaced by a call to ExternalAuth.pm's
        DoAuth method. This is permitted by the passing of a reference to
        the current session variable. DoAuth simply modifies that variable
        as necessary to perform its function. Any data returned is purely
        informational.

    * README

        Updated to include basic information on SSO cookies.

    * Makefile.PL

        Updated to reflect the integration of RT::Authen::CookieAuth.

v0.07_02 2008-12-22    Kevin Falcone <falcone@cpan.org>

    * html/Callbacks/ExternalAuth/autohandler/Auth

        Make the workaround needed for 3.8.1 work on 3.8.2

v0.07_01 2008-11-06    Mike Peachey <zordrak@cpan.org>
                       Kevin Falcone <falcone@cpan.org>
    
    * ALL
      
        Complete code refactoring and updates for RT-3.8.x
        compatability.

v0.06    2008-11-01    Mike Peachey <zordrak@cpan.org>

    * README

        A few minor tweaks.

    * lib/RT/Authen/ExternalAuth.pm

        Version updated to 0.06 

    * etc/RT_SiteConfig.pm

        A number of clarifications added to the example config comments
        such as making clear the fact that a valid d_filter is required.

v0.06_03 2008-10-31    Mike Peachey <zordrak@cpan.org>
                       Kevin Falcone <falcone@cpan.org>

    * html/Callbacks/ExternalAuth/autohandler/Auth
            
        Add fix to work around a plugin bug in RT-3.8.0 & RT-3.8.1
        preventing User_Vendor.pm overlay being required before
        RT::User is loaded.
        
        Check the return value from calling RT::User::Create. 

        Check the return value when loading an autocreated user.

    * README
            
        Updated to talk about removing old files in local/.

    * lib/RT/Authen/User_Vendor.pm

        Added error-checking to complain if a an LDAP configuration is
        in use, but no d_filter has been specified.

    * lib/RT/Authen/ExternalAuth.pm

        Version updated to 0.06_03.

    * ChangeLog

        General clean-up.


v0.06_02 2008-10-01    Kevin Falcone <falcone@cpan.org>

    * ChangeLog

       Updates to previous release.

    * lib/RT/Authen/ExternalAuth.pm

        Version updated to 0.06_02.


v0.06_01 2008-10-17    Kevin Falcone <falcone@cpan.org>

    * lib/RT/Authen/User_Vendor.pm

        Add a patch to be compatible with 3.8

    * Upgrade Module::Install::RTx to work better with RT-3.8.x


v0.05    2008-04-09    Mike Peachey <zordrak@cpan.org>

    * lib/RT/Authen/User_Vendor.pm

        Typo on line 962. s/servicen/service/

    * html/Callbacks/ExternalAuth/autohandler/Auth

        Deprecated $user_autocreated. It was being used to prevent a call
        to RT::User::UpdateFromExternal in User_Vendor.pm because it was
        deemed an unecessary expense to set the user's info and then look
        it up again straight after. However, I have since realised that
        UpdateFromExternal is the only code doing a check to see if the
        user has been disabled in the external source and so bypassing
        it when users are created allows new users to log in once even
        if they have not been "enabled". 

        I will be doing a small rewrite of this code in the future to
        abstract the External disable-lookup code from UpdateFromExternal
        and perhaps remove the function altogether, but for now everything
        will work fine.

    * ChangeLog

        I did it again. I added a / on the front of the path to 
        ExternalAuth.pm. What a plonker!

    * lib/RT/Authen/ExternalAuth.pm

        Version updated to 0.05


v0.04    2008-04-03    Mike Peachey <zordrak@cpan.org>

    * etc/RT_SiteConfig.pm
        
        The example LDAP ExternalSettings configuration did not contain
        example values for user and pass for RT's connection to an LDAP
        server. These have now been added.

        Thanks to Andrew Fay <andrew.fay@hotmail.com> for noticing this one.

    * ChangeLog

        Removed a "/" from the start of the ExternalAuth.pm file line in 0.03

    * lib/RT/Authen/ExternalAuth.pm

        Version updated to 0.04


v0.03    2008-03-31    Mike Peachey <zordrak@cpan.org>

    * html/Callbacks/ExternalAuth/autohandler/Auth 

        Bug found on lines 94-100.

        The ELSE block starting on line 95 was assigned to the IF starting
        on 85 instead of the IF block starting on line 86. This meant that
        if the user entered at the login screen exists no password would
        be checked.

        It was doing this:

        If session has current user who has an ID
            If password has already been validated
                SUCCESS
            Else
                Return to autohandler with valid session & implicit auth
        Else delete session

    
        This has now been corrected to this:

        If session has current user who has an ID
            If password has already been validated
                SUCCESS
            Else
                Delete session
        Else return to autohandler with whatever we had before the block

    * lib/RT/Authen/ExternalAuth.pm

        Version updated to 0.03


v0.02    2008-03-17    Mike Peachey <zordrak@cpan.org>

    * lib/RT/User_Vendor.pm

        Bug #1 found on line 446. 

        CanonicalizeUserInfo was being called directly, instead of being 
        called on the $self user object.
        
        This was causing CanonicalizeUserInfo to shift the e-mail address 
        it was passed into the $self var instead of the $email var. It was
        therefore returning a blank e-mail address regardless of the input.

    * lib/RT/User_Vendor.pm

        Header comments altered to reflect that the file is part of the
        RT::Authen::ExternalAuth extension.

    * /lib/RT/Authen/ExternalAuth.pm

        Version updated to 0.02


v0.01    2008-03-13    Mike Peachey <zordrak@cpan.org>

    * Initial Release