[Checkins] SVN: Products.PluggableAuthService/trunk/HISTORY.txt Restore changelog info about historical versions in HISTORY.txt.

Tres Seaver tseaver at palladion.com
Fri Feb 18 16:36:16 EST 2011 

Log message for revision 120427:
  Restore changelog info about historical versions in HISTORY.txt.

Changed:
  A   Products.PluggableAuthService/trunk/HISTORY.txt

-=-
Added: Products.PluggableAuthService/trunk/HISTORY.txt
===================================================================
--- Products.PluggableAuthService/trunk/HISTORY.txt	                        (rev 0)
+++ Products.PluggableAuthService/trunk/HISTORY.txt	2011-02-18 21:36:14 UTC (rev 120427)
@@ -0,0 +1,288 @@
+PluggableAuthService changelog
+==============================
+
+(Notes for "historical" versions of PAS).
+
+
+1.4 (2006-08-28)
+----------------
+
+- Extended the DomainAuthHelper to function as its own extraction
+  plugin, to allow for the case that another extractor is registered,
+  but does not return any credentials.
+  (http://www.zope.org/Collectors/PAS/46)
+
+- Re-worded parts of the README so they don't point to specific or 
+  non-existing files (http://www.zope.org/Collectors/PAS/6 and
+  http://www.zope.org/Collectors/PAS/47)
+
+
+1.4-beta (2006-08-07)
+---------------------
+
+- Created a "Configured PAS" entry in the ZMI add list, which
+  allows creating a PAS using base and extension GenericSetup profiles
+  registered for IPluggableAuthService.  This entry should eventually
+  replace the "stock" PAS entry (assuming that we make GenericSetup
+  a "hard" dependency).
+
+- Added an "empty" GenericSetup profile, which creates a PAS containing
+  only a plugin registry and a setup tool.
+
+- Repaired the "simple" GenericSetup profile to be useful, rather than
+  catastrophic, to apply:  it now creates and registers a set of
+  ZODB-based user / group / role plugins, along with a basic auth
+  helper.
+
+- ZODBUserManager: Extend the "notional IZODBUserManager interface"
+  with the left-out updateUser facility and a corresponding
+  manage_updateUser method for ZMI use. Removed any responsibility
+  for updating a user's login from the updateUserPassword and
+  manage_updateUserPassword methods. This fixes the breakage
+  described in the collector issue below, and makes the ZMI view
+  for updating users work in a sane way.
+  (http://www.zope.org/Collectors/PAS/42)
+
+- CookieAuthHelper: If expireCookie was called and extractCredentials
+  was hit in the same request, the CookieAuthHelper would throw an
+  exception (http://www.zope.org/Collectors/PAS/43)
+
+- Added a DEPENDENCIES.txt. (http://www.zope.org/Collectors/PAS/44)
+
+
+1.3 (2006-06-09)
+----------------
+
+No changes from version 1.3-beta
+
+
+1.3-beta (2006-06-03)
+---------------------
+
+- Modify CookieAuthHelper to prefer '__ac' form variables to the cookie
+  when extracting credentials.  (https://dev.plone.org/plone/ticket/5355)
+
+
+1.2 (2006-05-14)
+----------------
+
+- Fix manage_zmi_logout which stopped working correctly as soon as the
+  PluggableAuthService product code was installed by correcting the
+  monkeypatch for it in __init__.py.
+  (http://www.zope.org/Collectors/PAS/12)
+
+- Add missing interface for IPropertiedUser and tests
+  (http://www.zope.org/Collectors/PAS/16)
+
+- Removed STX links from README.txt which do nothing but return 
+  404s when clicked from the README on zope.org.
+  (http://www.zope.org/Collectors/PAS/6)
+
+- Fixing up inconsistent searching in the listAvailablePrincipals
+  method of the ZODBRoleManager and ZODBGroupManager plugins. Now both
+  constrain searches by ID.
+  (http://www.zope.org/Collectors/PAS/11)
+
+- Convert from using zLOG to using the Python logging module.
+  (http://www.zope.org/Collectors/PAS/14)
+
+
+1.2-beta (2006-02-25)
+---------------------
+
+- Added suppport for exporting / importing a PAS and its content via
+  the GenericSetup file export framework.
+
+- Made ZODBRoleManager plugin check grants to the principal's groups,
+  as well as those made to the principal directly.
+
+- Added two new interfaces, IChallengeProtocolChooser and
+  IRequestTypeSniffer. Those are used to select the 'authorization
+  protocol' or 'challenger protocol' to be used for challenging
+  according to the incoming request type.
+
+- Repaired warings appearing in Zope 2.8.5 due to a couple typos
+  in security declarations.
+
+- Repaired DeprecationWarnings due to use of Zope2 interface verification.
+
+- Repaired unit test breakage (unittest.TestCase instances have
+  'failUnless'/'failIf', rather than 'assertTrue'/'assertFalse').
+
+- Fixed a couple more places where Zope 2-style ``__implements__``
+  were being used to standardize on using ``classImplements``.
+
+- Fixed fallback implementations of ``providedBy`` and
+  ``implementedBy`` to always return a tuple.
+
+- Make sure challenge doesn't break if existing instances of the
+  PluginRegistry don't yet have ``IChallengeProtocolChooser`` as a
+  registered interface. (Would be nice to have some sort of
+  migration for the PluginRegistry between PAS releases)
+
+- Don't assume that just because zope.interface can be imported
+  that Five is present.
+
+
+1.1b2 (2005-07-14)
+-----------------
+
+- Repaired a missing 'nocall:' in the Interfaces activation form.
+
+
+1.1b1 (2005-07-06)
+------------------
+
+- PAS-level id mangling is no more. All (optional) mangling is now
+  done on a per-plugin basis.
+
+- Interfaces used by PAS are now usable in both Zope 2.7 and 2.8
+  (Five compatible)
+
+
+1.0.5 (2005-01-31)
+------------------
+
+- Simplified detection of the product directory using 'package_home'.
+
+- Set a default value for the 'login' attribute of a PAS, to avoid
+  UnboundLocalError.
+
+
+1.0.4 (2005-01-27)
+------------------
+
+- Made 'Extensions' a package, to allow importing its scripts
+  as modules.
+
+- Declared new 'IPluggableAuthService' interface, describing additional
+  PAS-specific API.
+
+- Exposed PAS' 'resetCredentials' and 'updateCredentials' as public
+  methods.
+
+- Monkey-patch ZMI's logout to invoke PAS' 'resetCredentials', if
+  present.
+
+- CookieAuth plugin now encodes and decodes cookies in the same
+  format as CookieCrumbler to provide compatibility between
+  sites running PAS and CC.
+
+- Add a publicly callable "logout" method on the PluggableAuthService
+  instance that will call resetCredentials on all activated 
+  ICredentialsRest plugins, thus effecting a logout.
+
+- Enabled the usage of the CookieAuthHelper login screen functionality
+  without actually using the CookieAuthHelper to maintain the 
+  credentials store in its own auth cookie by ensuring that only
+  active updateCredentials plugins are informed about a successful
+  login so they can store the credentials.
+
+- Added a _getPAS method to the BasePlugin base class to be used
+  as the canonical way of getting at the PAS instance from within
+  plugins.
+
+- Group and user plugins can now specify their own title for a
+  principal entry (PAS will not compute one if they do).
+
+- PAS and/or plugins can now take advantage of caching using the
+  Zope ZCacheable framework with RAM Cache Managers. See
+  doc/caching.stx for the details.
+
+- Make 'getUserById' pass the 'login' to '_findUser', so that
+  the returned user object can answer 'getUserName' sanely.
+
+- Harden 'logout' against missing HTTP_REFERRER.
+
+- Avoid triggering "Emergency user cannot own" when adding a
+  CookieAuthHelper plugin as that user.
+
+- Detect and prevent recursive redirecting in the CookieAuthHelper
+  if the login_form cannot be reached by the Anonymous User.
+
+- Made logging when swallowing exceptions much less noisy (they
+  *don't* necessarily require attention).
+
+- Clarified interface of IAuthenticationPlugin, which should return
+  None rather than raising an exception if asked to authenticate an
+  unknown principal;  adjusted ZODBUserManager accordingly.
+
+- Don't log an error in zodb_user_plugin's authenticateCredentials
+  if we don't have a record for a particular username, just return None.
+
+- If an IAuthenticationPlugin returns None instead of a tuple
+  from authenticateCredentials, don't log a tuple-unpack error in PAS
+  itself.
+
+
+1.0.3 (2004-10-16)
+------------------
+
+- Implemented support for issuing challenges via IChallengePlugins.
+
+  - three challenge styles in particular:
+
+    - HTTP Basic Auth
+
+    - CookieCrumbler-like redirection
+
+    - Inline authentication form
+
+- Made unit tests pass when run with cAccessControl.
+
+- plugins/ZODBRoleManager.py: don't claim authority for 'Authenticated'
+  or 'Anonymous' roles, which are managed by PAS.
+
+- plugins/ZODBRoleManager.py: don't freak out if a previously assigned
+  principal goes away.
+
+- plugins/ZODBGroupManager.py: don't freek out if a previously assigned
+  principal goes away.
+
+- plugins/ZODBUserManager.py: plugin now uses AuthEncoding for its
+  password encryption so that we can more easily support migrating
+  existing UserFolders. Since PAS has been out for a while,
+  though, we still will authenticate against old credentials
+
+- Repaired arrow images in two-list ZMI views.
+
+- searchPrincipals will work for exact matches when a plugin supports
+  both 'enumerateUsers' and 'enumerateGroups'.
+
+- 'Authenticated' Role is now added dynamically by the
+  PluggableAuthService, not by any role manager
+
+- Added WARNING-level logs with tracebacks for all swallowed
+  plugin exceptions, so that you notice that there is something
+  wrong with the plugins.
+
+- All authenticateCredentials() returned a single None when they
+  could not authenticate, although all calls expected a tuple.
+
+- The user id in extract user now calls _verifyUser to get the ID
+  mangled by the enumeration plugin, instead of mangling it with the
+  authentication ID, thereby allowing the authentication and
+  enumeration plugins to be different plugins.
+
+
+1.0.2 (2004-07-15)
+------------------
+
+- ZODBRoleManager and ZODBGroupManager needed the "two_lists" view,
+  and associated images, which migrated to the PluginRegsitry product
+  when they split;  restored them.
+
+
+1.0.1 (2004-05-18)
+------------------
+
+- CookieAuth plugin didn't successfully set cookies (first, because
+  of a NameError, then, due to a glitch with long lines).
+
+- Missing ZPL in most modules.
+
+
+1.0 (2004-04-29)
+----------------
+
+- Initial release

More information about the checkins mailing list