In order to mitigate against the brute force attacks against Gitlab accounts, we are moving to all edu-ID Logins. We would like to remind you to link your account with your edu-id. Login will be possible only by edu-ID after November 30, 2021. Here you can find the instructions for linking your account.

If you don't have a SWITCH edu-ID, you can create one with this guide here

kind regards

This Server has been upgraded to GitLab release 14.2.6

CHANGES 9.89 KB
Newer Older
haemmer's avatar
haemmer committed
1
Copyright (c) 2013, SWITCH - Serving Swiss Universities
2
3
4
See LICENSE file for details.

-------------------------------------------------------------------------------
haemmer's avatar
haemmer committed
5
SWITCHwayf
6
7
8
9
10
11
Contact: aai@switch.ch or go to http://www.switch.ch/aai/wayf
Version: See head of file 'WAYF' in the same directory
Project web site: https://forge.switch.ch/redmine/projects/wayf
Bug reports/feature requests: https://forge.switch.ch/redmine/projects/wayf/issues
-------------------------------------------------------------------------------

haemmer's avatar
haemmer committed
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Version Number Policy:

Releases with a 0version number X.Y.Z usually are bug fix releases, typo 
corrections and graphical changes.
Releases with a version number X.Y usually are minor releases that introduce 
new functionality. Few adapations in the configuration might be necessary to
upgrade to minor releases.
Releases with a version number X are major releases that will require major 
changes in the configuration files. Therefore, a clean instalation might be 
necessary for such releases.

-------------------------------------------------------------------------------


26
SWITCHwayf Changes and Version History:
haemmer's avatar
haemmer committed
27
28
29
30
31
1.18    - Changed default SessionInitiator of the Embedded WAYF to 
          /Login because this has been the default SessionInitiator in 
          Shibboleth for quite some time now.
        - Corrected viewport meta tag separator of default header as suggested
          by Andrew Sokolov from Saint Petersburg State University 
haemmer's avatar
haemmer committed
32
33
        - Fixed a bug in the IdP preselection of the embedded wayf when
          additional IdPs where added
haemmer's avatar
haemmer committed
34
        - Removed as many SWITCH-specific graphics and texts as possible.
haemmer's avatar
haemmer committed
35
36
37
38
        - Introduced configuration options to allow easier customization.
        - Fixed a few small bugs
        - Added some optimizations to the drop-down list search-as-you type 
          feature
haemmer's avatar
haemmer committed
39
        - The log file now logs - if possible - also the SP entityID/providerId
haemmer's avatar
haemmer committed
40
        - Some small styling changes/CSS improvements
haemmer's avatar
haemmer committed
41
        - Added Japanese locales from the GakuNin version of the WAYF
haemmer's avatar
haemmer committed
42
43
        
        Issues: https://forge.switch.ch/redmine/projects/wayf/versions/62
haemmer's avatar
haemmer committed
44
45
46
        Please read the specific update instructions in the README file, as some
        new configuration options were introduced that should be revised.

47
1.17.1  Release date:  14. June 2012
48
49
50
        - Fixed a bug occuring when wayf_sp_samlDSURL contains GET arguments
          Bug reported with a patch by Takeshi Nishimura from NII (Japan)
        - Fixed typo in configuration otpion useImprovedDropDownList
haemmer's avatar
haemmer committed
51
        - Added Javascripts required for improved drop down list
haemmer's avatar
haemmer committed
52
53
        
        Issues: https://forge.switch.ch/redmine/projects/wayf/versions/55
haemmer's avatar
haemmer committed
54

55
1.17    Release date:  18. May 2012
haemmer's avatar
haemmer committed
56
        - Added CSS styles for mobile view
haemmer's avatar
haemmer committed
57
58
59
        - Embedded WAYF now reads 'entityID' and 'return' GET arguments.
          They get precedence over the values configured for the Embedded WAYF.
        - Embedded WAYF logged in message now contains a link to target URL
haemmer's avatar
haemmer committed
60
61
        
        Issues: https://forge.switch.ch/redmine/projects/wayf/versions/45
haemmer's avatar
haemmer committed
62

63
1.16    Release date: 19. January 2012
64
        - Added an improved version of the drop down list to the WAYF
65
66
67
          Inspired by code from Takeshi Nishimura from NII (Japan)
          Uses modified ImprovedDropdown JQuery library by John Fuex
          See LICENSE file for further information
68
        - Added cookieSecurity option to set and transmit cookies securely 
69
          Code contributed by Takeshi Nishimura from NII (Japan)
70
71
        - Added additional data protection feature that uses the referer to
          decide whether or not to preselect an Identity Provider in the
72
          Embedded WAYF.
73
          Code contributed by Takeshi Nishimura from NII (Japan)
74
75
        - If the Discovery Feed feature is activated only those IdPs are shown 
          that are contained in the feed. Others will be hidden automatically.
76
77
        - Added Keywords property to format of IDP entries to allow users to
          search Identity Providers using a keyword.
78

haemmer's avatar
haemmer committed
79
80
        Issues: https://forge.switch.ch/redmine/projects/wayf/versions/40

81
82
83
84
85
1.15    Release date: 21. October 2011
        - A default and custom CSS file can now be used
        - Graphical design now is based new SWITCH harmos elements
        - Adapted JSON output to use format used by Shibboleth SP
        - Renamed some string keys to make them independent from SWITCH
haemmer's avatar
haemmer committed
86
87
88
          ###################################################################
          Please review the 'Specific Update Instructions' in the README file
          ###################################################################
89
90
91
92
93
94
95
96
97
98
99
100
        - Added support for the Shibboleth SP 2.4 Discovery Feed JSON output
          in Embedded WAYF
        - Focus on submit button works better with different browsers
        - Invalid values for width and height are now defaulted to auto for
          Embedded WAYF
        - Fixed a URL composing bug that resulted in a wrong return URL to 
          the Service Provider if the return parameter did not contain any GET
          arguments. Reported by Tom Scavo
        - Made implementation behave according to the Discovery Service protocol
          specification when it comes to the return parameter. This parameter
          is optional in case the DS knows the SP Discovery URL.
          Reported by Tom Scavo.
haemmer's avatar
haemmer committed
101
102

        Issues: https://forge.switch.ch/redmine/projects/wayf/versions/26
103
104
105
106
107
          
1.14.3  Release date: 4. March 2011
        - Fixed a race condition. Thanks go to Robert Basch from MIT for 
          reporting the issue and providing a patch.

haemmer's avatar
haemmer committed
108
109
        Issues: https://forge.switch.ch/redmine/projects/wayf/versions/32

110
111
112
113
114
115
116
117
118
119
1.14.2  Release date: 15. December 2010
        - IDProvider.conf.php and config.php are not overwritten anymore by upgrades
        - Logging to syslog now works properly and is more consistent
        - Access log now properly locks file
        - Unknown category is not shown anymore when there is no other category
        - Namespaces are now taken properly into account when parsing SAML2 
          metadata. Thanks go to Olivier Salaün for reporting this issue and
          submitting a patch.
        - Improved installation instructions

haemmer's avatar
haemmer committed
120
121
        Issues: https://forge.switch.ch/redmine/projects/wayf/versions/25

122
123
124
125
126
127
128
129
130
131
132
133
1.14.1  Release date: 12. November 2010
        - Fixed an encoding bug that affected non-ASCII characters in 
          JavaScripts. Thanks to Prof. Kazutsuna Yamaji for reporting this issue.
        - Corrected behaviour of $enableDSReturnParamCheck and 
          $useACURLsForReturnParamCheck. There won't be an error anymore if an SP 
          has no <idpdisc:DiscoveryResponse> extension defined. In such a case
          there will only be a check if $useACURLsForReturnParamCheck is enabled.
        - Fixed a bug in readMetadata.php that prevented CLI execution
        - Changed the default configuration option to generate the Embedded WAYF
          to false due to some concerns regarding phishing attacks
        - Added proper copyright statements to all source code files

haemmer's avatar
haemmer committed
134
135
136
        Issues: https://forge.switch.ch/redmine/projects/wayf/versions/21


137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
1.14   Release date: 9. November 2010
        - Added the configuration option wayf_force_remember_for_session to
         the Embedded WAYF on request of Wolgang Lierz. This
         option allows setting the remember for session checkbox to true
       - The 'return' parameter of a Discovery Service request can now be 
         checked using the idp-discovery-protocol extension or using the FQDN 
         of all the Service Provider's assertion consumer URLs. The latter 
         alternative is less secure but still offers better security against 
         phising attacks. Have a look at config.dist.php and the README for 
         more detailed explanations on these feature.
       - Metadata parsing now uses DOM XML for PHP5 instead of Simple XML
       - Fixed a minor HTML error in template for Embedded WAYF
       - Sorting within categories works now correctly if SAML2 metadata is 
         used to generate Identity Provider drop-down list. 
         Thanks to Prof. Kazutsuna Yamaji
         Informatics (NII) for reporting this issue.
       - Fixed a minor bug in templates.php that cause PHP warnings to show up
         in case an invalid IdP was stored in the cookie.
       - Fixed a bug affecting the Kerberos authentication.
         Thanks to Robert Basch for reporting these bugs and for 
         submitting patches.
       - Fixed a bug where hidden IdPs would still be shown in Embedded WAYF

haemmer's avatar
haemmer committed
160
161
162
        Issues: https://forge.switch.ch/redmine/projects/wayf/versions/17


haemmer's avatar
haemmer committed
163
The revision history of older versions, can be found on the SWITCHwayf web page:
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
https://forge.switch.ch/redmine/projects/wayf/wiki/Changes

-------------------------------------------------------------------------------

Credits:
Find below the list of people who have contributed to code, either because they 
found bugs, suggested improvements or contributed code. Have a look at the 
version history in order to see the individual contributions. The list is sorted 
alphabetically.

- Robert Basch from MIT (US)
- Pavlos Drandakis from University of Athens (GR)
- Nicolas Dunand from Université Lausanne (CH)
- Michael R. Gettes from Internet2 (US)
- Nuno Gonçalves from FCCN (PT)
- Florent Guilleux from CRU (FR)
- Josh Howlett from University of Bristol (UK)
haemmer's avatar
haemmer committed
181
- Franz Kuster from ETH Zurich (CH)
182
- Wolgang Lierz from ETH Zurich (CH)
haemmer's avatar
haemmer committed
183
- Takeshi Nishimura NII National Institute of Informatics (JP)
184
185
186
187
- Lourival Pereira Vieira Neto from RNP (BR)
- Martins Purins from Latvijas Universitates (LV)
- Olivier Salaün from RENATER (FR)
- Tom Scavo from Internet2 (US)
haemmer's avatar
haemmer committed
188
- Andrew Sokolov, Saint Petersburg State University (RU)
189
190
- Mika Suvanto from CSC (FI)
- Huân Thebault from Centre de Calcul de l'IN2P3 (FR)
haemmer's avatar
haemmer committed
191
- Prof. Kazutsuna Yamaji from NII National Institute of Informatics (JP)
192
193
- And of course all SWITCH staff members who have contributed suggestions,
  bug fixes and translation to this code.