Subversion Repositories oidplus

Rev

Go to most recent revision | Show changed files | Details | Compare with Previous | Blame | RSS feed

Filtering Options

Rev Age Author Path Log message Diff
974 2022-10-01 20:21:07 daniel-marschall /trunk/ Fix bug where HTTP was not possible after a HTTPS call (Chrome blocks secure CSRF cookie overwrite). HTTPS is now enforced if the page was previously loaded using HTTPS  
844 2022-05-27 00:30:36 daniel-marschall /trunk/ New object type: Four-Character-Code (FourCC)  
814 2022-04-05 00:49:02 daniel-marschall /trunk/ PostgreSQL connection can now be established via socket  
813 2022-04-05 00:26:28 daniel-marschall /trunk/ MySQL connection can now be established via socket  
812 2022-04-05 00:11:59 daniel-marschall /trunk/ Added baseconfig settings COOKIE_DOMAIN and COOKIE_PATH  
807 2022-03-25 21:08:54 daniel-marschall /trunk/ Updated SVN-Snapshot (TAR.GZ) update procedure. It now also allows to update systems which are protected by htpasswd.  
806 2022-03-25 00:56:45 daniel-marschall /trunk/ Base-config setting EXPLICIT_ABSOLUTE_SYSTEM_URL has been removed. Its functionality has now been merged with the setting CANONICAL_SYSTEM_URL. Use this instead.  
786 2022-03-18 01:03:21 daniel-marschall /trunk/ NEW: Native OCI8 PHP plugin support for Oracle databases!  
778 2022-03-13 11:31:06 daniel-marschall /trunk/ - Plugins can now control the output of HTTP headers (especially the Content-Security-Policy header)
- Added baseconfig setting CANONICAL_SYSTEM_URL
- Fixed issue with relative paths (OIDplus::webpath(...,fase) over a proxy		  
713 2021-12-26 21:41:08 daniel-marschall /trunk/ Fixed bug in OID-IP (OID WHOIS): Superior detection did not work for non-OIDs. Fixed.  
711 2021-12-26 18:33:19 daniel-marschall /trunk/ Auth keys (internally used for email verification etc.) now use HMAC instead of normal hash
Added new base config setting RA_PASSWORD_PEPPER_ALGO (dangerous! Only for experts!)
OIDplusSessionHandler.class.php: Improved internal encryption!

ATTENTION
!!! If you are updating from the TAR.GZ distibution channel, then the update *will* temporarily
!!! FAIL with the error message "Authentication failed". Once the error appears, close your
!!! browser window and delete the cookies, then log-in again, and continue the update process.
!!! (The error happens because of the update of the internal session encryption procedure)		  
702 2021-12-26 00:26:02 daniel-marschall /trunk/ New plugin type: CAPTCHA plugins!  
625 2021-06-12 23:10:32 daniel-marschall /trunk/ LDAP: Added multi-domain support  
624 2021-06-11 16:23:10 daniel-marschall /trunk/ LDAP: The search for RA/Admin group membershop can now also include sub-groups  
623 2021-06-11 11:11:28 daniel-marschall /trunk/ LDAP: Removed feature LDAP_ADMIN_IS_OIDPLUS_ADMIN; instead introduced settings LDAP_ADMIN_GROUP and LDAP_RA_GROUP  
620 2021-06-10 16:16:05 daniel-marschall /trunk/ LDAP authentication plugin: The main authentication now works using UPN (userPrincipalName) instead of the mail address of the user. The control user is not required in the base configuration anymore, and there is no requirement in adding email addresses for the domain users.  
617 2021-06-02 00:03:52 daniel-marschall /trunk/ Added new high-security feature RA Password Pepper (use with extreme caution! Existing passwords will become invalid)
RA password generation: BCrypt "cost" parameter can now be configured.		  
609 2021-05-29 23:09:04 daniel-marschall /trunk/ The administrator account can now have more than one valid password.
webwhois.php is now disabled if the WHOIS plugin is disabled		  
585 2021-05-23 17:36:08 daniel-marschall /trunk/ Very large refactoring of login methods; JWT methods encapsulated
"Remember me" (JWT cookie) and regular logins (PHP session) cannot be mixed anymore (which didn't work anyway)		  
583 2021-05-22 11:32:35 daniel-marschall /trunk/ Added JWT TTL (time to live) config value  

←Prev12Next→

Show All