lemonldap-ng/debian/NEWS

lemonldap-ng (2.0.0-1) unstable; urgency=medium

  2.0 is a major release, many things have been changed. You must read
  https://lemonldap-ng.org/documentation/2.0/upgrade before upgrade.

 -- Xavier Guimard <x.guimard@free.fr>  Mon, 11 Dec 2017 22:48:25 +0100

lemonldap-ng (1.9.2-1) unstable; urgency=medium

  liblemonldap-ng-handler-perl package has been split into:
  - lemonldap-ng-handler that provides web server configuration
  - liblemonldap-ng-handler-perl that provides Perl libraries only

 -- Xavier Guimard <x.guimard@free.fr>  Sat, 17 May 2016 22:25:43 +0200

lemonldap-ng (1.9.0-1) unstable; urgency=low

  1) Configuration and sessions storage

  From now, Lemonldap::NG uses JSON serialization to store configuration and
  sessions instead of Storable::nfreeze Perl function. This permits one to have
  heterogenous servers connected to the same LLNG organization (32/64 bits or
  different Perl versions). Old format still works but:
   * configuration backends: new format is applied at first configuration
     save,
   * sessions storages: new format is applied for each new session or when
     updating an existing session. You can force LemonLDAP::NG to keep the old
     serialization method by setting useStorable to 1 in sessions backend
     options if you have some custom hooks.
     Note that this behaviour only affects modules Apache::Session::File, SQL
     database and Apache::Session::LDAP

  If you have more than one server and don't want to stop the SSO service, start
  upgrading in the following order:
   * servers that have only handlers;
   * portal servers (all together if your load balancer doesn't keep state by
     user or client IP and if users use the menu);
   * manager server

  2) Manage Ajax requests when sessions expires

  To request for authentication, handlers sent a 302 HTTP code even if request
  was an Ajax one. From now, after redirection, portal will send a 401 code
  with a WWW-Authenticate header containing "SSO portal-URL". This is a little
  HTTP protocol hook created because browsers follow redirection transparently.
  If you want to keep old behaviour, set noAjaxHook to 1 (in General Parameters
  -> Advanced -> Handler redirections -> Keep redirections for Ajax).

  3) New "Multi" authentication scheme

  The Multi backend configuration has changed. Now the stacks are defined in
  separate attributes:
   * multiAuthStack
   * multiUserDBStack

  So an old configuration like this:

    authentication = Multi LDAP;DBI
    userDB         = Multi LDAP;DBI

  Must be replaced by:

    authentication   = Multi
    userDB           = Multi
    multiAuthStack   = LDAP;DBI
    multiUserDBStack = LDAP;DBI

  4) Form replay

  Management of form replay has been rewritten. If you uses this experimental
  feature, you must edit your configuration and rewrite it.

 -- Xavier Guimard <x.guimard@free.fr>  Thu, 21 Jan 2016 17:13:07 +0100

lemonldap-ng (1.4.6-1) unstable; urgency=medium

  Handler files "My::Package" are no longer installed by default as a module
  "Lemonldap::NG::Handler" generic is now available. It is therefore
  necessary either to modify Apache configuration files to use
  "Lemonldap::NG::Handler" or create your own Perl modules using the provided
  examples files.

 -- Xavier Guimard <x.guimard@free.fr>  Mon, 29 Dec 2014 17:10:00 +0100

lemonldap-ng (1.2.2-1) unstable; urgency=low

  Examples files (Apache configuration and default handler files) are now not
  installed in /var/lib/lemonldap-ng/handler but available as examples files

  Since 1.2.2, LemonLDAP::NG uses 'Demo' authentication backend by default
  and the manager is protected by default by LemonLDAP::NG. So for an
  unconfigured installation, you have to use dwho account to access to the
  manager (password dwho)

 -- Xavier Guimard <x.guimard@free.fr>  Thu, 29 Nov 2012 06:22:45 +0100