Making things simpler...
1.0.0
- CASUserFolder now allows Zope to be used as a proxied application
when used in conjunction with a CAS 2.0 server.
- Response from CAS server's validation URL is now fully parsed.
The makes the authentication process more secure and allows better
error messages to be provided if there are problems with tickets.
- Clarified documentation and included several caveats.
- Added attribution to University of Bristol in license.txt.
0.9.0
- Fixed bug that meant new CASUserFolders weren't seen by the
authentication machinery.
- Fixed a bug that resulted in an invalid service parameter
being sent in the ticket validation request to the CAS server
resulting in multiple tickets being needed to authenticate.
- Sensitive information is now deleted from the REQUEST before
any untrusted code can take a look at it.
- CAS tickets are now always deleted from the REQUEST as early as
possible in the handling of a REQUEST.
- Significantly improved documentation.
- Added license and copyright.
- Added the ability to store local session cookies either as
'session cookies' that expire when the user closes their
browser, or 'timed cookies', which expire after a specified
amount of time.
- Rotation of local session cookie value is now optional.
0.8.1
- Made session generation pluggable, and the default compatible
with Python 2.1
0.8.0
- Allowed CAS to return to Zope with a URI containing query
string parameters.
- Made session data storage pluggable.
- Local sessioning is now secure, provided connection to Zope
is via SSL and secure bit on cookie is set.
- Expanded range of settable properties.
- Check validity of set properties before using them.
- Removed password and domain fields from user forms.
- Restructured code so logout works correctly.
- Added support files and limited documentation.
0.5.0
- Initial prototype release