Server has been upgraded to GitLab release 13.9.6

CHANGES 7.48 KB
Newer Older
1 2 3 4
Copyright 2011 SWITCH - Serving Swiss Universities. 
See LICENSE file for details.

-------------------------------------------------------------------------------
haemmer's avatar
haemmer committed
5
SWITCHwayf
6 7 8 9 10 11
Contact: aai@switch.ch or go to http://www.switch.ch/aai/wayf
Version: See head of file 'WAYF' in the same directory
Project web site: https://forge.switch.ch/redmine/projects/wayf
Bug reports/feature requests: https://forge.switch.ch/redmine/projects/wayf/issues
-------------------------------------------------------------------------------

haemmer's avatar
haemmer committed
12 13 14 15 16 17 18 19 20 21 22 23 24 25
Version Number Policy:

Releases with a 0version number X.Y.Z usually are bug fix releases, typo 
corrections and graphical changes.
Releases with a version number X.Y usually are minor releases that introduce 
new functionality. Few adapations in the configuration might be necessary to
upgrade to minor releases.
Releases with a version number X are major releases that will require major 
changes in the configuration files. Therefore, a clean instalation might be 
necessary for such releases.

-------------------------------------------------------------------------------


26 27
SWITCHwayf Changes and Version History:

28
1.16    Release date: 19. January 2012
29
        - Added an improved version of the drop down list to the WAYF
30 31 32
          Inspired by code from Takeshi Nishimura from NII (Japan)
          Uses modified ImprovedDropdown JQuery library by John Fuex
          See LICENSE file for further information
33
        - Added cookieSecurity option to set and transmit cookies securely 
34
          Code contributed by Takeshi Nishimura from NII (Japan)
35 36
        - Added additional data protection feature that uses the referer to
          decide whether or not to preselect an Identity Provider in the
37
          Embedded WAYF.
38
          Code contributed by Takeshi Nishimura from NII (Japan)
39 40
        - If the Discovery Feed feature is activated only those IdPs are shown 
          that are contained in the feed. Others will be hidden automatically.
41 42
        - Added Keywords property to format of IDP entries to allow users to
          search Identity Providers using a keyword.
43

44 45 46 47 48
1.15    Release date: 21. October 2011
        - A default and custom CSS file can now be used
        - Graphical design now is based new SWITCH harmos elements
        - Adapted JSON output to use format used by Shibboleth SP
        - Renamed some string keys to make them independent from SWITCH
haemmer's avatar
haemmer committed
49 50 51
          ###################################################################
          Please review the 'Specific Update Instructions' in the README file
          ###################################################################
52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113
        - Added support for the Shibboleth SP 2.4 Discovery Feed JSON output
          in Embedded WAYF
        - Focus on submit button works better with different browsers
        - Invalid values for width and height are now defaulted to auto for
          Embedded WAYF
        - Fixed a URL composing bug that resulted in a wrong return URL to 
          the Service Provider if the return parameter did not contain any GET
          arguments. Reported by Tom Scavo
        - Made implementation behave according to the Discovery Service protocol
          specification when it comes to the return parameter. This parameter
          is optional in case the DS knows the SP Discovery URL.
          Reported by Tom Scavo.
          
1.14.3  Release date: 4. March 2011
        - Fixed a race condition. Thanks go to Robert Basch from MIT for 
          reporting the issue and providing a patch.

1.14.2  Release date: 15. December 2010
        - IDProvider.conf.php and config.php are not overwritten anymore by upgrades
        - Logging to syslog now works properly and is more consistent
        - Access log now properly locks file
        - Unknown category is not shown anymore when there is no other category
        - Namespaces are now taken properly into account when parsing SAML2 
          metadata. Thanks go to Olivier Salaün for reporting this issue and
          submitting a patch.
        - Improved installation instructions

1.14.1  Release date: 12. November 2010
        - Fixed an encoding bug that affected non-ASCII characters in 
          JavaScripts. Thanks to Prof. Kazutsuna Yamaji for reporting this issue.
        - Corrected behaviour of $enableDSReturnParamCheck and 
          $useACURLsForReturnParamCheck. There won't be an error anymore if an SP 
          has no <idpdisc:DiscoveryResponse> extension defined. In such a case
          there will only be a check if $useACURLsForReturnParamCheck is enabled.
        - Fixed a bug in readMetadata.php that prevented CLI execution
        - Changed the default configuration option to generate the Embedded WAYF
          to false due to some concerns regarding phishing attacks
        - Added proper copyright statements to all source code files

1.14   Release date: 9. November 2010
        - Added the configuration option wayf_force_remember_for_session to
         the Embedded WAYF on request of Wolgang Lierz. This
         option allows setting the remember for session checkbox to true
       - The 'return' parameter of a Discovery Service request can now be 
         checked using the idp-discovery-protocol extension or using the FQDN 
         of all the Service Provider's assertion consumer URLs. The latter 
         alternative is less secure but still offers better security against 
         phising attacks. Have a look at config.dist.php and the README for 
         more detailed explanations on these feature.
       - Metadata parsing now uses DOM XML for PHP5 instead of Simple XML
       - Fixed a minor HTML error in template for Embedded WAYF
       - Sorting within categories works now correctly if SAML2 metadata is 
         used to generate Identity Provider drop-down list. 
         Thanks to Prof. Kazutsuna Yamaji
         Informatics (NII) for reporting this issue.
       - Fixed a minor bug in templates.php that cause PHP warnings to show up
         in case an invalid IdP was stored in the cookie.
       - Fixed a bug affecting the Kerberos authentication.
         Thanks to Robert Basch for reporting these bugs and for 
         submitting patches.
       - Fixed a bug where hidden IdPs would still be shown in Embedded WAYF

haemmer's avatar
haemmer committed
114
The revision history of older versions, can be found on the SWITCHwayf web page:
115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131
https://forge.switch.ch/redmine/projects/wayf/wiki/Changes

-------------------------------------------------------------------------------

Credits:
Find below the list of people who have contributed to code, either because they 
found bugs, suggested improvements or contributed code. Have a look at the 
version history in order to see the individual contributions. The list is sorted 
alphabetically.

- Robert Basch from MIT (US)
- Pavlos Drandakis from University of Athens (GR)
- Nicolas Dunand from Université Lausanne (CH)
- Michael R. Gettes from Internet2 (US)
- Nuno Gonçalves from FCCN (PT)
- Florent Guilleux from CRU (FR)
- Josh Howlett from University of Bristol (UK)
haemmer's avatar
haemmer committed
132
- Franz Kuster from ETH Zurich (CH)
133
- Wolgang Lierz from ETH Zurich (CH)
haemmer's avatar
haemmer committed
134
- Takeshi Nishimura NII National Institute of Informatics (JP)
135 136 137 138 139 140
- Lourival Pereira Vieira Neto from RNP (BR)
- Martins Purins from Latvijas Universitates (LV)
- Olivier Salaün from RENATER (FR)
- Tom Scavo from Internet2 (US)
- Mika Suvanto from CSC (FI)
- Huân Thebault from Centre de Calcul de l'IN2P3 (FR)
haemmer's avatar
haemmer committed
141
- Prof. Kazutsuna Yamaji from NII National Institute of Informatics (JP)
142 143
- And of course all SWITCH staff members who have contributed suggestions,
  bug fixes and translation to this code.