[Checkins] SVN: Products.PluggableAuthService/trunk/HISTORY.txt Restore changelog info about historical versions in HISTORY.txt.
Tres Seaver
tseaver at palladion.com
Fri Feb 18 16:36:16 EST 2011
Log message for revision 120427:
Restore changelog info about historical versions in HISTORY.txt.
Changed:
A Products.PluggableAuthService/trunk/HISTORY.txt
-=-
Added: Products.PluggableAuthService/trunk/HISTORY.txt
===================================================================
--- Products.PluggableAuthService/trunk/HISTORY.txt (rev 0)
+++ Products.PluggableAuthService/trunk/HISTORY.txt 2011-02-18 21:36:14 UTC (rev 120427)
@@ -0,0 +1,288 @@
+PluggableAuthService changelog
+==============================
+
+(Notes for "historical" versions of PAS).
+
+
+1.4 (2006-08-28)
+----------------
+
+- Extended the DomainAuthHelper to function as its own extraction
+ plugin, to allow for the case that another extractor is registered,
+ but does not return any credentials.
+ (http://www.zope.org/Collectors/PAS/46)
+
+- Re-worded parts of the README so they don't point to specific or
+ non-existing files (http://www.zope.org/Collectors/PAS/6 and
+ http://www.zope.org/Collectors/PAS/47)
+
+
+1.4-beta (2006-08-07)
+---------------------
+
+- Created a "Configured PAS" entry in the ZMI add list, which
+ allows creating a PAS using base and extension GenericSetup profiles
+ registered for IPluggableAuthService. This entry should eventually
+ replace the "stock" PAS entry (assuming that we make GenericSetup
+ a "hard" dependency).
+
+- Added an "empty" GenericSetup profile, which creates a PAS containing
+ only a plugin registry and a setup tool.
+
+- Repaired the "simple" GenericSetup profile to be useful, rather than
+ catastrophic, to apply: it now creates and registers a set of
+ ZODB-based user / group / role plugins, along with a basic auth
+ helper.
+
+- ZODBUserManager: Extend the "notional IZODBUserManager interface"
+ with the left-out updateUser facility and a corresponding
+ manage_updateUser method for ZMI use. Removed any responsibility
+ for updating a user's login from the updateUserPassword and
+ manage_updateUserPassword methods. This fixes the breakage
+ described in the collector issue below, and makes the ZMI view
+ for updating users work in a sane way.
+ (http://www.zope.org/Collectors/PAS/42)
+
+- CookieAuthHelper: If expireCookie was called and extractCredentials
+ was hit in the same request, the CookieAuthHelper would throw an
+ exception (http://www.zope.org/Collectors/PAS/43)
+
+- Added a DEPENDENCIES.txt. (http://www.zope.org/Collectors/PAS/44)
+
+
+1.3 (2006-06-09)
+----------------
+
+No changes from version 1.3-beta
+
+
+1.3-beta (2006-06-03)
+---------------------
+
+- Modify CookieAuthHelper to prefer '__ac' form variables to the cookie
+ when extracting credentials. (https://dev.plone.org/plone/ticket/5355)
+
+
+1.2 (2006-05-14)
+----------------
+
+- Fix manage_zmi_logout which stopped working correctly as soon as the
+ PluggableAuthService product code was installed by correcting the
+ monkeypatch for it in __init__.py.
+ (http://www.zope.org/Collectors/PAS/12)
+
+- Add missing interface for IPropertiedUser and tests
+ (http://www.zope.org/Collectors/PAS/16)
+
+- Removed STX links from README.txt which do nothing but return
+ 404s when clicked from the README on zope.org.
+ (http://www.zope.org/Collectors/PAS/6)
+
+- Fixing up inconsistent searching in the listAvailablePrincipals
+ method of the ZODBRoleManager and ZODBGroupManager plugins. Now both
+ constrain searches by ID.
+ (http://www.zope.org/Collectors/PAS/11)
+
+- Convert from using zLOG to using the Python logging module.
+ (http://www.zope.org/Collectors/PAS/14)
+
+
+1.2-beta (2006-02-25)
+---------------------
+
+- Added suppport for exporting / importing a PAS and its content via
+ the GenericSetup file export framework.
+
+- Made ZODBRoleManager plugin check grants to the principal's groups,
+ as well as those made to the principal directly.
+
+- Added two new interfaces, IChallengeProtocolChooser and
+ IRequestTypeSniffer. Those are used to select the 'authorization
+ protocol' or 'challenger protocol' to be used for challenging
+ according to the incoming request type.
+
+- Repaired warings appearing in Zope 2.8.5 due to a couple typos
+ in security declarations.
+
+- Repaired DeprecationWarnings due to use of Zope2 interface verification.
+
+- Repaired unit test breakage (unittest.TestCase instances have
+ 'failUnless'/'failIf', rather than 'assertTrue'/'assertFalse').
+
+- Fixed a couple more places where Zope 2-style ``__implements__``
+ were being used to standardize on using ``classImplements``.
+
+- Fixed fallback implementations of ``providedBy`` and
+ ``implementedBy`` to always return a tuple.
+
+- Make sure challenge doesn't break if existing instances of the
+ PluginRegistry don't yet have ``IChallengeProtocolChooser`` as a
+ registered interface. (Would be nice to have some sort of
+ migration for the PluginRegistry between PAS releases)
+
+- Don't assume that just because zope.interface can be imported
+ that Five is present.
+
+
+1.1b2 (2005-07-14)
+-----------------
+
+- Repaired a missing 'nocall:' in the Interfaces activation form.
+
+
+1.1b1 (2005-07-06)
+------------------
+
+- PAS-level id mangling is no more. All (optional) mangling is now
+ done on a per-plugin basis.
+
+- Interfaces used by PAS are now usable in both Zope 2.7 and 2.8
+ (Five compatible)
+
+
+1.0.5 (2005-01-31)
+------------------
+
+- Simplified detection of the product directory using 'package_home'.
+
+- Set a default value for the 'login' attribute of a PAS, to avoid
+ UnboundLocalError.
+
+
+1.0.4 (2005-01-27)
+------------------
+
+- Made 'Extensions' a package, to allow importing its scripts
+ as modules.
+
+- Declared new 'IPluggableAuthService' interface, describing additional
+ PAS-specific API.
+
+- Exposed PAS' 'resetCredentials' and 'updateCredentials' as public
+ methods.
+
+- Monkey-patch ZMI's logout to invoke PAS' 'resetCredentials', if
+ present.
+
+- CookieAuth plugin now encodes and decodes cookies in the same
+ format as CookieCrumbler to provide compatibility between
+ sites running PAS and CC.
+
+- Add a publicly callable "logout" method on the PluggableAuthService
+ instance that will call resetCredentials on all activated
+ ICredentialsRest plugins, thus effecting a logout.
+
+- Enabled the usage of the CookieAuthHelper login screen functionality
+ without actually using the CookieAuthHelper to maintain the
+ credentials store in its own auth cookie by ensuring that only
+ active updateCredentials plugins are informed about a successful
+ login so they can store the credentials.
+
+- Added a _getPAS method to the BasePlugin base class to be used
+ as the canonical way of getting at the PAS instance from within
+ plugins.
+
+- Group and user plugins can now specify their own title for a
+ principal entry (PAS will not compute one if they do).
+
+- PAS and/or plugins can now take advantage of caching using the
+ Zope ZCacheable framework with RAM Cache Managers. See
+ doc/caching.stx for the details.
+
+- Make 'getUserById' pass the 'login' to '_findUser', so that
+ the returned user object can answer 'getUserName' sanely.
+
+- Harden 'logout' against missing HTTP_REFERRER.
+
+- Avoid triggering "Emergency user cannot own" when adding a
+ CookieAuthHelper plugin as that user.
+
+- Detect and prevent recursive redirecting in the CookieAuthHelper
+ if the login_form cannot be reached by the Anonymous User.
+
+- Made logging when swallowing exceptions much less noisy (they
+ *don't* necessarily require attention).
+
+- Clarified interface of IAuthenticationPlugin, which should return
+ None rather than raising an exception if asked to authenticate an
+ unknown principal; adjusted ZODBUserManager accordingly.
+
+- Don't log an error in zodb_user_plugin's authenticateCredentials
+ if we don't have a record for a particular username, just return None.
+
+- If an IAuthenticationPlugin returns None instead of a tuple
+ from authenticateCredentials, don't log a tuple-unpack error in PAS
+ itself.
+
+
+1.0.3 (2004-10-16)
+------------------
+
+- Implemented support for issuing challenges via IChallengePlugins.
+
+ - three challenge styles in particular:
+
+ - HTTP Basic Auth
+
+ - CookieCrumbler-like redirection
+
+ - Inline authentication form
+
+- Made unit tests pass when run with cAccessControl.
+
+- plugins/ZODBRoleManager.py: don't claim authority for 'Authenticated'
+ or 'Anonymous' roles, which are managed by PAS.
+
+- plugins/ZODBRoleManager.py: don't freak out if a previously assigned
+ principal goes away.
+
+- plugins/ZODBGroupManager.py: don't freek out if a previously assigned
+ principal goes away.
+
+- plugins/ZODBUserManager.py: plugin now uses AuthEncoding for its
+ password encryption so that we can more easily support migrating
+ existing UserFolders. Since PAS has been out for a while,
+ though, we still will authenticate against old credentials
+
+- Repaired arrow images in two-list ZMI views.
+
+- searchPrincipals will work for exact matches when a plugin supports
+ both 'enumerateUsers' and 'enumerateGroups'.
+
+- 'Authenticated' Role is now added dynamically by the
+ PluggableAuthService, not by any role manager
+
+- Added WARNING-level logs with tracebacks for all swallowed
+ plugin exceptions, so that you notice that there is something
+ wrong with the plugins.
+
+- All authenticateCredentials() returned a single None when they
+ could not authenticate, although all calls expected a tuple.
+
+- The user id in extract user now calls _verifyUser to get the ID
+ mangled by the enumeration plugin, instead of mangling it with the
+ authentication ID, thereby allowing the authentication and
+ enumeration plugins to be different plugins.
+
+
+1.0.2 (2004-07-15)
+------------------
+
+- ZODBRoleManager and ZODBGroupManager needed the "two_lists" view,
+ and associated images, which migrated to the PluginRegsitry product
+ when they split; restored them.
+
+
+1.0.1 (2004-05-18)
+------------------
+
+- CookieAuth plugin didn't successfully set cookies (first, because
+ of a NameError, then, due to a glitch with long lines).
+
+- Missing ZPL in most modules.
+
+
+1.0 (2004-04-29)
+----------------
+
+- Initial release
More information about the checkins
mailing list