Back to releases


This is the release everyone has been waiting for: 1.0.0: Small children and animals love it.

Main changes since 0.6.0:

  • Implemented SAML2 Enhanced Client or Proxy profile (ECP)*
  • Documentation updated and added
  • Switch from mod_auth_krb to mod_auth_gssapi
  • More stable uninstallation
  • Lots of other bugfixes

*: ECP code has been merged into Ipsilon, just needs some upstream patches accepted.

Detailed Changelog

John Dennis (1):

  • Implement ECP in Ipsilon

Nathan Kinder (1):

  • Fix ownership of config and state directories

Patrick Uiterwijk (9):

  • Use the new transaction convenience function in Persona
  • Fix OpenID AX extension bug
  • Add OpenID test suite
  • Allow scheme to be visible again in admin page
  • Insert a small timeout before reporting the test successful
  • Add database schema versioning
  • Implement change registration
  • Add uninstallation support to infosssd
  • Bump version for 1.0.0 release

Rob Crittenden (32):

  • Move ipsilon WSGI script from /usr/sbin to /usr/libexec
  • Use mod_auth_gssapi instead of mod_auth_kerb
  • Disallow iframes via X-Frame-Options and CSP by default
  • Populate krb_principal_name from GSS_NAME env var
  • Fix Apache configuration to use correct location of ipsilon
  • Rename authkrb plugin to authgssapi
  • Change references to authkrb plugin to authgssapi
  • Fix lint issues with loginstack changes
  • Drop usage of self._debug and use self.debug instead
  • Remove unnecessary lines from infoldap plugin
  • Use python logging in install / log cherrypy at right severity
  • Configure a KDC, add test for GSSAPI/Kerberos
  • Enable Kerberos NameID testing in testnameid
  • Pull the GSSAPI principal out of the userattrs
  • Add db.conn.log option to suppress sql logs by default
  • Set infosssd config value preconfigured as a boolean
  • Remove extraneous logging arg in authform login plugin
  • Update Copyright header point to COPYING file
  • Add support for storing SAML2 sessions
  • Configure the SAML2 session database during installation
  • Change SAML2 sessions backend to use Store API
  • Create a SAML2 session during login
  • Convert logout code to use SAML2 Store
  • Update IdP-initiated logout to use SAML2 Store
  • Remove expired SAML2 sessions
  • Use plugin-specific configuration, better expiration
  • Add logout to pgdb, fix name in tests
  • ipsilon-client-install man page
  • ipsilon-server-install man page
  • Add more text to ipsilon(7) man page
  • Add man page for ipsilon.conf.
  • Install man pages for client and server

Simo Sorce (5):

  • Fix sticter lint checks
  • Make availble a list of alternative aut methods
  • Merge the login and info plugins configurations
  • SSSD info plugin is immutable if not preconfigured
  • pylint 1.4.3 version fixes