NEWS ==== 2.1.1 - December 17th 2013 -------------------------- - Fix missing dependency upon django-admin-tools in setup.py 2.1.0 - December 15th 2013 -------------------------- 506 commits, 370 files changed, 18136 insertions, 10906 deletions Changes: - New discovery service - Improved OpendID idp - OpenID trusted root whitelist - New internal LDAP authentication backend (no more depend upon django-auth-ldap), with support for AD and password change - New LDAP only user mode, allow to work with a read-only DB - Many settings can be extracted from process environment variables - No homepage mode, for a technical IdP - Single logout improvements in proxy settings - Improved translations - Federation deletion can be propagated and inercepted using a signal - Adaptation for Django 1.5 custom user models - Email change form with token-by-mail validation - Improvement in sync-metadata for loading federation metadata files - Improvement of the user_profile source of attribute aggregator - Using attribute as federation id in the service provider - Added signals to modify attribute loading - Attribute mapping module is customizable through a setting - Improvements for supporting legacy CAS clients - Remove of auth2_oath authentication backend for copyright reasons - Support for Drupal 7 hashed passwords - Support for attributes in CAS tickets Bugs: - Too much to be listed 2.0.2 - May 11th 2012 --------------------- 7 commits, 15 files changed, 920 insertions, 163 deletions Changes: * The setup script is based on setuptools and handle dependencies. * Prefer using pycurl instead of M2Crypto to retrieve HTTPs URLS as it supports server name indication Bugs: * Fix data files not installed with the setup Other: * Documentation updated. 2.0.1 - April 27th 2012 -------------------------- 48 commits, 97 files changed, 1456 insertions, 1112 deletions Changes: * Authentic2 now runs with Django1.4. Deprecated functions removal is still in progress. * CsrfMiddleware is not used anymore. * Debug is the default mode. * Limit dependency of attribute aggregator on python-ldap. * Modification of the attribute aggregator mapping file. * The private key from Lasso dumps is not logged anymore. Features: * As a SAML2 IdP, the user consent for federation when a transient nameID is served is not asked anymore. * As a SAML2 SP, it is now possible to ask another authentication when a transient nameID is received. Bugs: * Fix in cache_and_validate. * Fix service provider list on homepage. * Fix in attribute aggregator profile creation. Other: * Beginning of a pep8 review. * Documentation updated. * Translation updated. 2.0.0 - December 22nd 2011 -------------------------- Main Features: * SAML 2.0 Identity provider * ID-FF 1.2 Identity provider * OpenID provider * CAS server * SAML 2.0 Service provider * ID-FF 1.2 Service provider * OpenID relying party * Protocol proxying * Authentication by simple password * Authentication by one-time password OATH and google-authenticator * Authentication by self-signed X509 certificates avoer SSL/TLS * Authentication on LDAP * Authentication on PAM * Attribute management for attributes in SAML2 authentication requests * Attribute namespace mapping