Table of Contents
Added clean-pod2html.sh to remove xml header from html files generated by pod2html which cause problems on the Globus web site (Bug 5894)
Jar file now includes version number to help prevent caching issues (Bug 5878)
Removed offline-allowed elements from jnlp files to help prevent caching
Documentation fix: Added setting of IdP.entityID for GS-SAMLTools integration (Bug 5813)
Added new NCSA CA certificates (f2e89fe3.0 and 9b95bbf2.0) to certificates/ directory for inclusion in trustStore
'make clean' does not remove files that cannot be easily regenerated in distribution. (Bug 5350)
Use (modified) Java Cog source instead of class files. See org/globus/util/README
Split openssl configuration (replacing --with-openssl-path) options into --with-openssl and --with-openssl-prefix to allow for binaries to be separate from libraries and includes.
Fixed a number of minor issues with 'make test' and 'make test-dist'
Moved configuration source into conf/ subdirectory
Bug fix in CredentialRetriever.java: Util.setFilePermissions() does not take octal and passing it such causes underlying chmod call to silently fail. Fortunately since we are enforcing a umask setting there is no security hole.
Remove whitespace around configuration values (Bug 5798)
Made '--quiet' argument to GridShib-SAMLTools dependent on debug configuration option so that when debug is True better output is generated.
check-config.pl now dumps all configuration values.
When running GridShib SAMLTools, check for existence of JAVA_HOME and log a warning if it doesn't exist.
Updated to use GridShib SAML Tools 0.3.0 and invoke so that we get correctly formatted ASN.1 in the extension with the right OID.
Moved documentation to docbook
Fixed OpenSSL CA so that it issues V3 certificates instead of V1 (Bug (5254)
Added test in the form of 'make test' and 'make test-post-install'
Integrate GridShib SAML Tools to bind simple attribute assertion to EEC
Handle creating DN from mix of atttributes (Bug 4889)
Use "DC" components for relative DN (Bug 4887).
Added 'redirectURL' option to configure file so that JWS application can send browser to URL after successful credential download.
Added 'useBundledCAs' option to gridshib-ca.conf to allow turning off use of bundled CAs (using Java-provided default CAs instead).
Fallback to prompting user if CA that issued portal https certificate is unrecognized. (Bug 4875).
configure.ac: --with-gridshib-ca-conf-dir uses ${prefix} instead of static '/usr/local/'
Fixed bug 4973 causing bad CA filenames.
Fixed bug 4877 typos in configure.
Added support for delegation of X509 credential to portal (disabled by default).
Run-time configuration of trusted Idps and portals added.
Cleaned up protocol between CredentialRetriever and GridShib-CA. Use HTTP status code instead of own internal status header.
CredentialRetriever now generating key pair on client side and sending PKCS#10 certificate request to generateCred.pl.
Now builds and installs own openssl-based ca (openssl-ca) that allows setting of DN by GridShib CA
Includes GridShibCA::MyProxyCA.pm, a pure perl MyProxy client to allow outsourcing of CA functionality to MyProxy.
Now uses a set of PERL modules to accomplish basic tasks, which can be configured using gridshib-ca.conf file.
Starting to use RFC 2253 format DNs internally.
CredentialRetreiver.java: Circumvent JWS installing its own SSLSocketFactory so that default SSLSocketFactory is used and our list of trusted CAs is honored.
Added debug support with debug and clientDebug parameters in configuration file.
Added support for requested lifetimes from user.
Added support for updating user's trusted certificates directory