CHANGES 9.71 KB
Newer Older
haemmer's avatar
haemmer committed
1
Copyright (c) 2013, SWITCH - Serving Swiss Universities
2
3
4
See LICENSE file for details.

-------------------------------------------------------------------------------
haemmer's avatar
haemmer committed
5
SWITCHwayf
6
7
8
9
10
11
Contact: aai@switch.ch or go to http://www.switch.ch/aai/wayf
Version: See head of file 'WAYF' in the same directory
Project web site: https://forge.switch.ch/redmine/projects/wayf
Bug reports/feature requests: https://forge.switch.ch/redmine/projects/wayf/issues
-------------------------------------------------------------------------------

haemmer's avatar
haemmer committed
12
13
14
15
16
17
18
19
20
21
22
23
24
25
Version Number Policy:

Releases with a 0version number X.Y.Z usually are bug fix releases, typo 
corrections and graphical changes.
Releases with a version number X.Y usually are minor releases that introduce 
new functionality. Few adapations in the configuration might be necessary to
upgrade to minor releases.
Releases with a version number X are major releases that will require major 
changes in the configuration files. Therefore, a clean instalation might be 
necessary for such releases.

-------------------------------------------------------------------------------


26
SWITCHwayf Changes and Version History:
haemmer's avatar
haemmer committed
27
28
29
30
31
32
1.18    - Changed default SessionInitiator of the Embedded WAYF to 
          /Login because this has been the default SessionInitiator in 
          Shibboleth for quite some time now.
        - Corrected viewport meta tag separator of default header as suggested
          by Andrew Sokolov from Saint Petersburg State University 
        - Removed as many SWITCH-specific graphics and texts as possible.
haemmer's avatar
haemmer committed
33
34
35
36
        - Introduced configuration options to allow easier customization.
        - Fixed a few small bugs
        - Added some optimizations to the drop-down list search-as-you type 
          feature
haemmer's avatar
haemmer committed
37
        - The log file now logs - if possible - also the SP entityID/providerId
haemmer's avatar
haemmer committed
38
39
40
        - Some small styling changes/CSS improvements
        
        Issues: https://forge.switch.ch/redmine/projects/wayf/versions/62
haemmer's avatar
haemmer committed
41
42
43
        Please read the specific update instructions in the README file, as some
        new configuration options were introduced that should be revised.

44
1.17.1  Release date:  14. June 2012
45
46
47
        - Fixed a bug occuring when wayf_sp_samlDSURL contains GET arguments
          Bug reported with a patch by Takeshi Nishimura from NII (Japan)
        - Fixed typo in configuration otpion useImprovedDropDownList
haemmer's avatar
haemmer committed
48
        - Added Javascripts required for improved drop down list
haemmer's avatar
haemmer committed
49
50
        
        Issues: https://forge.switch.ch/redmine/projects/wayf/versions/55
haemmer's avatar
haemmer committed
51

52
1.17    Release date:  18. May 2012
haemmer's avatar
haemmer committed
53
        - Added CSS styles for mobile view
haemmer's avatar
haemmer committed
54
55
56
        - Embedded WAYF now reads 'entityID' and 'return' GET arguments.
          They get precedence over the values configured for the Embedded WAYF.
        - Embedded WAYF logged in message now contains a link to target URL
haemmer's avatar
haemmer committed
57
58
        
        Issues: https://forge.switch.ch/redmine/projects/wayf/versions/45
haemmer's avatar
haemmer committed
59

60
1.16    Release date: 19. January 2012
61
        - Added an improved version of the drop down list to the WAYF
62
63
64
          Inspired by code from Takeshi Nishimura from NII (Japan)
          Uses modified ImprovedDropdown JQuery library by John Fuex
          See LICENSE file for further information
65
        - Added cookieSecurity option to set and transmit cookies securely 
66
          Code contributed by Takeshi Nishimura from NII (Japan)
67
68
        - Added additional data protection feature that uses the referer to
          decide whether or not to preselect an Identity Provider in the
69
          Embedded WAYF.
70
          Code contributed by Takeshi Nishimura from NII (Japan)
71
72
        - If the Discovery Feed feature is activated only those IdPs are shown 
          that are contained in the feed. Others will be hidden automatically.
73
74
        - Added Keywords property to format of IDP entries to allow users to
          search Identity Providers using a keyword.
75

haemmer's avatar
haemmer committed
76
77
        Issues: https://forge.switch.ch/redmine/projects/wayf/versions/40

78
79
80
81
82
1.15    Release date: 21. October 2011
        - A default and custom CSS file can now be used
        - Graphical design now is based new SWITCH harmos elements
        - Adapted JSON output to use format used by Shibboleth SP
        - Renamed some string keys to make them independent from SWITCH
haemmer's avatar
haemmer committed
83
84
85
          ###################################################################
          Please review the 'Specific Update Instructions' in the README file
          ###################################################################
86
87
88
89
90
91
92
93
94
95
96
97
        - Added support for the Shibboleth SP 2.4 Discovery Feed JSON output
          in Embedded WAYF
        - Focus on submit button works better with different browsers
        - Invalid values for width and height are now defaulted to auto for
          Embedded WAYF
        - Fixed a URL composing bug that resulted in a wrong return URL to 
          the Service Provider if the return parameter did not contain any GET
          arguments. Reported by Tom Scavo
        - Made implementation behave according to the Discovery Service protocol
          specification when it comes to the return parameter. This parameter
          is optional in case the DS knows the SP Discovery URL.
          Reported by Tom Scavo.
haemmer's avatar
haemmer committed
98
99

        Issues: https://forge.switch.ch/redmine/projects/wayf/versions/26
100
101
102
103
104
          
1.14.3  Release date: 4. March 2011
        - Fixed a race condition. Thanks go to Robert Basch from MIT for 
          reporting the issue and providing a patch.

haemmer's avatar
haemmer committed
105
106
        Issues: https://forge.switch.ch/redmine/projects/wayf/versions/32

107
108
109
110
111
112
113
114
115
116
1.14.2  Release date: 15. December 2010
        - IDProvider.conf.php and config.php are not overwritten anymore by upgrades
        - Logging to syslog now works properly and is more consistent
        - Access log now properly locks file
        - Unknown category is not shown anymore when there is no other category
        - Namespaces are now taken properly into account when parsing SAML2 
          metadata. Thanks go to Olivier Salaün for reporting this issue and
          submitting a patch.
        - Improved installation instructions

haemmer's avatar
haemmer committed
117
118
        Issues: https://forge.switch.ch/redmine/projects/wayf/versions/25

119
120
121
122
123
124
125
126
127
128
129
130
1.14.1  Release date: 12. November 2010
        - Fixed an encoding bug that affected non-ASCII characters in 
          JavaScripts. Thanks to Prof. Kazutsuna Yamaji for reporting this issue.
        - Corrected behaviour of $enableDSReturnParamCheck and 
          $useACURLsForReturnParamCheck. There won't be an error anymore if an SP 
          has no <idpdisc:DiscoveryResponse> extension defined. In such a case
          there will only be a check if $useACURLsForReturnParamCheck is enabled.
        - Fixed a bug in readMetadata.php that prevented CLI execution
        - Changed the default configuration option to generate the Embedded WAYF
          to false due to some concerns regarding phishing attacks
        - Added proper copyright statements to all source code files

haemmer's avatar
haemmer committed
131
132
133
        Issues: https://forge.switch.ch/redmine/projects/wayf/versions/21


134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
1.14   Release date: 9. November 2010
        - Added the configuration option wayf_force_remember_for_session to
         the Embedded WAYF on request of Wolgang Lierz. This
         option allows setting the remember for session checkbox to true
       - The 'return' parameter of a Discovery Service request can now be 
         checked using the idp-discovery-protocol extension or using the FQDN 
         of all the Service Provider's assertion consumer URLs. The latter 
         alternative is less secure but still offers better security against 
         phising attacks. Have a look at config.dist.php and the README for 
         more detailed explanations on these feature.
       - Metadata parsing now uses DOM XML for PHP5 instead of Simple XML
       - Fixed a minor HTML error in template for Embedded WAYF
       - Sorting within categories works now correctly if SAML2 metadata is 
         used to generate Identity Provider drop-down list. 
         Thanks to Prof. Kazutsuna Yamaji
         Informatics (NII) for reporting this issue.
       - Fixed a minor bug in templates.php that cause PHP warnings to show up
         in case an invalid IdP was stored in the cookie.
       - Fixed a bug affecting the Kerberos authentication.
         Thanks to Robert Basch for reporting these bugs and for 
         submitting patches.
       - Fixed a bug where hidden IdPs would still be shown in Embedded WAYF

haemmer's avatar
haemmer committed
157
158
159
        Issues: https://forge.switch.ch/redmine/projects/wayf/versions/17


haemmer's avatar
haemmer committed
160
The revision history of older versions, can be found on the SWITCHwayf web page:
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
https://forge.switch.ch/redmine/projects/wayf/wiki/Changes

-------------------------------------------------------------------------------

Credits:
Find below the list of people who have contributed to code, either because they 
found bugs, suggested improvements or contributed code. Have a look at the 
version history in order to see the individual contributions. The list is sorted 
alphabetically.

- Robert Basch from MIT (US)
- Pavlos Drandakis from University of Athens (GR)
- Nicolas Dunand from Université Lausanne (CH)
- Michael R. Gettes from Internet2 (US)
- Nuno Gonçalves from FCCN (PT)
- Florent Guilleux from CRU (FR)
- Josh Howlett from University of Bristol (UK)
haemmer's avatar
haemmer committed
178
- Franz Kuster from ETH Zurich (CH)
179
- Wolgang Lierz from ETH Zurich (CH)
haemmer's avatar
haemmer committed
180
- Takeshi Nishimura NII National Institute of Informatics (JP)
181
182
183
184
- Lourival Pereira Vieira Neto from RNP (BR)
- Martins Purins from Latvijas Universitates (LV)
- Olivier Salaün from RENATER (FR)
- Tom Scavo from Internet2 (US)
haemmer's avatar
haemmer committed
185
- Andrew Sokolov, Saint Petersburg State University (RU)
186
187
- Mika Suvanto from CSC (FI)
- Huân Thebault from Centre de Calcul de l'IN2P3 (FR)
haemmer's avatar
haemmer committed
188
- Prof. Kazutsuna Yamaji from NII National Institute of Informatics (JP)
189
190
- And of course all SWITCH staff members who have contributed suggestions,
  bug fixes and translation to this code.