In order to mitigate against the brute force attacks against Gitlab accounts, we are moving to all edu-ID Logins. We would like to remind you to link your account with your edu-id. Login will be possible only by edu-ID after November 30, 2021. Here you can find the instructions for linking your account.

If you don't have a SWITCH edu-ID, you can create one with this guide here

kind regards

This Server has been upgraded to GitLab release 14.2.6

CHANGES 8.25 KB
Newer Older
haemmer's avatar
haemmer committed
1
Copyright 2012 SWITCH - Serving Swiss Universities. 
2
3
4
See LICENSE file for details.

-------------------------------------------------------------------------------
haemmer's avatar
haemmer committed
5
SWITCHwayf
6
7
8
9
10
11
Contact: aai@switch.ch or go to http://www.switch.ch/aai/wayf
Version: See head of file 'WAYF' in the same directory
Project web site: https://forge.switch.ch/redmine/projects/wayf
Bug reports/feature requests: https://forge.switch.ch/redmine/projects/wayf/issues
-------------------------------------------------------------------------------

haemmer's avatar
haemmer committed
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Version Number Policy:

Releases with a 0version number X.Y.Z usually are bug fix releases, typo 
corrections and graphical changes.
Releases with a version number X.Y usually are minor releases that introduce 
new functionality. Few adapations in the configuration might be necessary to
upgrade to minor releases.
Releases with a version number X are major releases that will require major 
changes in the configuration files. Therefore, a clean instalation might be 
necessary for such releases.

-------------------------------------------------------------------------------


26
SWITCHwayf Changes and Version History:
27
28
29
1.17.2    
        - Changed default SessionInitiator to /Login because this has been
          the default SessionInitiator in Shibboleth for quite some time now.
30

31
1.17.1  Release date:  14. June 2012
32
33
34
        - Fixed a bug occuring when wayf_sp_samlDSURL contains GET arguments
          Bug reported with a patch by Takeshi Nishimura from NII (Japan)
        - Fixed typo in configuration otpion useImprovedDropDownList
haemmer's avatar
haemmer committed
35
        - Added Javascripts required for improved drop down list
haemmer's avatar
haemmer committed
36

37
1.17    Release date:  18. May 2012
haemmer's avatar
haemmer committed
38
        - Added CSS styles for mobile view
haemmer's avatar
haemmer committed
39
40
41
        - Embedded WAYF now reads 'entityID' and 'return' GET arguments.
          They get precedence over the values configured for the Embedded WAYF.
        - Embedded WAYF logged in message now contains a link to target URL
haemmer's avatar
haemmer committed
42

43
1.16    Release date: 19. January 2012
44
        - Added an improved version of the drop down list to the WAYF
45
46
47
          Inspired by code from Takeshi Nishimura from NII (Japan)
          Uses modified ImprovedDropdown JQuery library by John Fuex
          See LICENSE file for further information
48
        - Added cookieSecurity option to set and transmit cookies securely 
49
          Code contributed by Takeshi Nishimura from NII (Japan)
50
51
        - Added additional data protection feature that uses the referer to
          decide whether or not to preselect an Identity Provider in the
52
          Embedded WAYF.
53
          Code contributed by Takeshi Nishimura from NII (Japan)
54
55
        - If the Discovery Feed feature is activated only those IdPs are shown 
          that are contained in the feed. Others will be hidden automatically.
56
57
        - Added Keywords property to format of IDP entries to allow users to
          search Identity Providers using a keyword.
58

59
60
61
62
63
1.15    Release date: 21. October 2011
        - A default and custom CSS file can now be used
        - Graphical design now is based new SWITCH harmos elements
        - Adapted JSON output to use format used by Shibboleth SP
        - Renamed some string keys to make them independent from SWITCH
haemmer's avatar
haemmer committed
64
65
66
          ###################################################################
          Please review the 'Specific Update Instructions' in the README file
          ###################################################################
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
        - Added support for the Shibboleth SP 2.4 Discovery Feed JSON output
          in Embedded WAYF
        - Focus on submit button works better with different browsers
        - Invalid values for width and height are now defaulted to auto for
          Embedded WAYF
        - Fixed a URL composing bug that resulted in a wrong return URL to 
          the Service Provider if the return parameter did not contain any GET
          arguments. Reported by Tom Scavo
        - Made implementation behave according to the Discovery Service protocol
          specification when it comes to the return parameter. This parameter
          is optional in case the DS knows the SP Discovery URL.
          Reported by Tom Scavo.
          
1.14.3  Release date: 4. March 2011
        - Fixed a race condition. Thanks go to Robert Basch from MIT for 
          reporting the issue and providing a patch.

1.14.2  Release date: 15. December 2010
        - IDProvider.conf.php and config.php are not overwritten anymore by upgrades
        - Logging to syslog now works properly and is more consistent
        - Access log now properly locks file
        - Unknown category is not shown anymore when there is no other category
        - Namespaces are now taken properly into account when parsing SAML2 
          metadata. Thanks go to Olivier Salaün for reporting this issue and
          submitting a patch.
        - Improved installation instructions

1.14.1  Release date: 12. November 2010
        - Fixed an encoding bug that affected non-ASCII characters in 
          JavaScripts. Thanks to Prof. Kazutsuna Yamaji for reporting this issue.
        - Corrected behaviour of $enableDSReturnParamCheck and 
          $useACURLsForReturnParamCheck. There won't be an error anymore if an SP 
          has no <idpdisc:DiscoveryResponse> extension defined. In such a case
          there will only be a check if $useACURLsForReturnParamCheck is enabled.
        - Fixed a bug in readMetadata.php that prevented CLI execution
        - Changed the default configuration option to generate the Embedded WAYF
          to false due to some concerns regarding phishing attacks
        - Added proper copyright statements to all source code files

1.14   Release date: 9. November 2010
        - Added the configuration option wayf_force_remember_for_session to
         the Embedded WAYF on request of Wolgang Lierz. This
         option allows setting the remember for session checkbox to true
       - The 'return' parameter of a Discovery Service request can now be 
         checked using the idp-discovery-protocol extension or using the FQDN 
         of all the Service Provider's assertion consumer URLs. The latter 
         alternative is less secure but still offers better security against 
         phising attacks. Have a look at config.dist.php and the README for 
         more detailed explanations on these feature.
       - Metadata parsing now uses DOM XML for PHP5 instead of Simple XML
       - Fixed a minor HTML error in template for Embedded WAYF
       - Sorting within categories works now correctly if SAML2 metadata is 
         used to generate Identity Provider drop-down list. 
         Thanks to Prof. Kazutsuna Yamaji
         Informatics (NII) for reporting this issue.
       - Fixed a minor bug in templates.php that cause PHP warnings to show up
         in case an invalid IdP was stored in the cookie.
       - Fixed a bug affecting the Kerberos authentication.
         Thanks to Robert Basch for reporting these bugs and for 
         submitting patches.
       - Fixed a bug where hidden IdPs would still be shown in Embedded WAYF

haemmer's avatar
haemmer committed
129
The revision history of older versions, can be found on the SWITCHwayf web page:
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
https://forge.switch.ch/redmine/projects/wayf/wiki/Changes

-------------------------------------------------------------------------------

Credits:
Find below the list of people who have contributed to code, either because they 
found bugs, suggested improvements or contributed code. Have a look at the 
version history in order to see the individual contributions. The list is sorted 
alphabetically.

- Robert Basch from MIT (US)
- Pavlos Drandakis from University of Athens (GR)
- Nicolas Dunand from Université Lausanne (CH)
- Michael R. Gettes from Internet2 (US)
- Nuno Gonçalves from FCCN (PT)
- Florent Guilleux from CRU (FR)
- Josh Howlett from University of Bristol (UK)
haemmer's avatar
haemmer committed
147
- Franz Kuster from ETH Zurich (CH)
148
- Wolgang Lierz from ETH Zurich (CH)
haemmer's avatar
haemmer committed
149
- Takeshi Nishimura NII National Institute of Informatics (JP)
150
151
152
153
154
155
- Lourival Pereira Vieira Neto from RNP (BR)
- Martins Purins from Latvijas Universitates (LV)
- Olivier Salaün from RENATER (FR)
- Tom Scavo from Internet2 (US)
- Mika Suvanto from CSC (FI)
- Huân Thebault from Centre de Calcul de l'IN2P3 (FR)
haemmer's avatar
haemmer committed
156
- Prof. Kazutsuna Yamaji from NII National Institute of Informatics (JP)
157
158
- And of course all SWITCH staff members who have contributed suggestions,
  bug fixes and translation to this code.