1.0|
0.16.x|
0.15.x|
0.14.x|
0.13.x|
0.12.x|
0.11.x|
0.10.x|
0.9.x|
0.8.x|
0.7.x|
Ancient|
Overview
Release Date: 2003-06-02
-
When displaying object class attribute values it is shown
which kind (STRUCTURAL, AUXILIARY or
ABSTRACT) the object class is.
-
New connection to new server is only tried if hostport
part in LDAP URL is not empty.
-
More fixes for schema elements without NAME
(needs also fixes in python-ldap 2.0.0pre13+ for correct function).
-
Select field displayed as input field for attributes of
Boolean syntax.
Release Date: 2003-05-26
-
w2lapp.addmodifyform:
Additional free from input field pair for specifying
attribute type and attribute value.
-
w2lapp.core.groupadm:
Again fixed administration of group entries with NON-ASCII
characters in DN.
-
Added support for X.509v3 extension PolicyConstraints
in certificate parser.
-
Removed invalid note about NON-ASCII chars not allowed in
LDIF input form.
-
Display allowed URL schemes as note near LDIF input form.
-
w2lapp.conninfo:
User can specify in [ConnInfo] how aliases dereferencing is done.
Release Date: 2003-05-19
-
Fixed displaying application anchors in w2lapp.viewer.
Release Date: 2003-05-18
-
Added BMPString support and preliminary T.61
support for X.500 DNs in certificate parser.
-
Current dn is always displayed in title message.
-
More fine-grained signal handling for the different running modes.
-
CleanUpThread instance created solely in w2lapp.core
instead of start-up scripts.
-
Fixed login when found Bind-DN contains NON-ASCII chars.
-
Added new function w2lapp.core.guessClientAddr() which
looks also at proxy-related CGI-BIN env vars to determine the
web client's address.
-
Select box for choosing export format is displayed with search results.
-
w2lapp.core.groupadm:
Fixed administration of group entries with NON-ASCII characters in DN.
Release Date: 2003-05-09
-
New stand-alone configuration option
web2ldapcnf.standalone.bind_address
which is equivalent to command-line option -l.
-
Exception ldap.INVALID_DN_SYNTAX caught in
w2lapp.add and input form for correcting
the RDN input is displayed to user.
Release Date: 2003-05-04
- New features/enhancements
-
-
Reformatted start log message in stand-alone mode and added
time-stamp.
-
New output format "Raw" for search result list.
- Configuration changes
-
-
New FastCGI configuration options
web2ldapcnf.fastcgi.error_log and
web2ldapcnf.fastcgi.debug_log
allow to specify separate log files. If non-zero error messages
(e.g. exception tracebacks and such) is redirected to error log
instead of web server's error log and debug messages are sent
to debug log instead sys.stdout.
-
New FastCGI configuration option
web2ldapcnf.fastcgi.base_url.
-
New stand-alone configuration option
web2ldapcnf.standalone.base_url.
-
Dropped global configuration parameters
web2ldapcnf.misc.ldap_binaryattrkeys
and web2ldapcnf.misc.ldap_browsermimetypes.
-
Abandoned outdated work-around dictionary
w2lapp.core.ldap_binaryattrkeys.
- Fixes
-
-
Properly determine syntax of SUP'ed attribute types.
-
Fixed link text for syntaxes in schema browser.
-
Switched off automatic detection of attribute values with
DN syntax.
-
Fixed some compability issues with upcoming
Python 2.3.
-
Added work-around for broken web servers which adds SCRIPT_NAME
to PATH_INFO in CGI-BIN environment vars.
-
Deliver static content (e.g. CSS files) with HTTP header line
Pragma: cache
in stand-alone mode.
-
Hard-coded an anonymous bind after falling back to LDAPv2.
-
Handle exceptions ldap.INVALID_CREDENTIALS
and ldap.INAPPROPRIATE_AUTH equally.
-
Fixed output of GZIP-encoded HTTP body. Also works with
mod_fastcgi now.
Release Date: 2003-04-18
- Modifications requiring configuration changes
-
-
Removed some static content from generation of <head> section
in w2lapp.gui.PrintHeader() (Pragma: no-cache and robot
setting). This can be configured in
web2ldapcnf.misc.html_head.
-
Moved templates/ to etc/web2ldap/templates/.
-
Added new configuration parameter
web2ldapcnf.standalone.reverse_lookups for enabling/disabling
reverse lookups of client address in stand-alone mode.
- New features/enhancements
-
-
Schema browser shows which matching rules are applicable for
attribute types by evaluating matchingRuleUse.
-
Separate exception handler for ldap.TIMEOUT in
w2lapp.handler.
-
More user-friendly behaviour when wrong user input was received in
w2lapp.passwd:
The input form is displayed together with an error message.
-
Display inherited syntax for attribute type.
- Fixes
-
-
When modifying the entry the attributes which were not read when
building the input form are ignored (mainly are not deleted). This
leads to a more robust behaviour regarding different access
control levels and concurrent data manipulation.
-
Fixed displaying of single string-typed schema element attributes.
- Code cleaning
-
-
Moved all form-related code into new class
w2lapp.form.Web2LDAPForm and several command-specific
sub-classes.
-
Some clean-ups in class msHTTPHandler.HTTPHandlerClass.
Release Date: 2003-04-04
-
Fixed setting attribute shadowLastChange
in w2lapp.passwd.
-
Attribute lastPwdSet set in w2lapp.passwd
if Samba password is synced.
-
Check box for synced Samba password is also display if object
class is smbPasswordEntry.
Release Date: 2003-04-03
-
Abandoned use of rarely needed class attributes and methods in
ldapsession.LDAPSession:
valid(), hasRootDSE, supportedLDAPVersion
and currentLDAPVersion.
-
Pass configuration value to timeout parameter when calling
ldap.async.AsyncSearchHandler.processResults().
-
Added experimental CSS style-sheet for printer output.
-
The label and the URL of attribute labeledURI is displayed
if the label is present.
-
Send correct MIME type image/jpeg for inline images
read from in attribute jpegPhoto.
-
Fixed Unicode issue in NO_SUCH_OBJECT handler of
w2lapp.handler.
-
Fixed Unicode issue in ldapsession.LDAPSession.renameEntry().
-
When displaying a single schema element a link to
Alvestrand's Object Identifier Registry
for this particular OID is shown.
-
Sparse use of target attribute in links.
-
Use method ldap.schema.subentry.Subschema.get_obj()
instead directly accessing schema dictionary simply by OID.
This solves a backward-compability problem for a schema fix
introduced in upcoming python-ldap.
-
New form parameter oid_class for command oid.
-
Fixed UnicodeError with LDAP URL in w2lapp.search.
-
Disabled signal handler for SIGUSR1 since it causes
troubles on Linux 2.0 boxes.
-
If something is wrong with input data and/or RDN for a new entry
the input form for modifying input is always displayed directly.
Release Date: 2003-03-18
-
Fixed handling of object classes without NAME.
-
Fixed signal handling for FastCGI and SCGI.
-
Added cgi-bin/web2ldap.fcgi for running via
cgi-fcgi wrapper.
-
Fixed w2lapp.groupadm for group entries where
the membership entry is not the DN of the member entry (e.g.
posixGroup).
-
Even more HTML clean-ups and enhancements:
-
No more use of <table> for internal link lists.
-
Attribute values are enclosed in
<span class="nameoroid">.
-
Use
class="CommandTable"
with every internal
link list.
Release Date: 2003-03-12
-
Fixed default value handling of form parameter login_filterstr.
-
Use operational attribute numSubordinates to determine
whether an entry is a leaf entry during recursive delete.
-
Cleaned up some HTML/CSS mess. Hide some CSS rules from
Netscape Navigator 4.x and old MS IE. Stylesheets
are not backward-compatible! You have
to upgrade the CSS files.
-
Dropped support for host-/backend-specific parameters
cache_maxmem and cache_timeout
since caching support was removed from python-ldap anyway.
-
Moved CSS files into separate sub-directory.
-
Some documentation clean-ups.
Release Date: 2003-03-06
-
[vCard] link is only shown if there is a vCard template defined
for at least one of the entry's object classes.
-
Export links for single entries in context menu are only displayed
when displaying the single entry with [Read].
-
Search scope base (0) was not properly used in
w2lapp.search.
Release Date: 2003-03-01
-
A small fix to w2lapp.schema.no_userapp_attr() for being
tolerant if an attribute type is not listed in the schema.
Release Date: 2003-02-22
-
Display the DESC attribute available in schema element
declaration of e.g. OpenLDAP as link text for LDAPSyntaxes.
-
Much code-cleaning in w2lapp.addmodifyform.
-
Single-valued attributes are not added to attribute type
select list in entry input form.
-
Attribute shadowLastChange set in w2lapp.passwd
if entry has object class shadowAccount.
-
Avoid adding simpleSecurityObject to entry twice
in w2lapp.passwd.
Release Date: 2003-02-18
-
Extra check in w2lapp.handler.HandleHTTPRequest() for
valid LDAP connection to provide reasonable error message
instead of logging exception in case user is playing
with manually generated URLs.
-
When displaying attribute jpegPhoto the comment
about number of bytes is written to (invisible) alt attribute
of <img> tag. This looks more friendly when using
jpegPhoto in HTML templates.
-
vCard output made schema aware. E.g. this fixes alias problem with
attribute street alias streetAddress.
-
Simulate KeyboardInterrupt when receiving SIGTERM.
-
Correctly remove PID file when receiving SIGTERM.
Release Date: 2003-01-07
-
Fixed displaying the search LDAP URL.
-
Fixed UnicodeError raised in case of LDAP filter
contains a NON-ASCII character and [Refine Filter] is chosen.
-
Additional checking for invalid commands with URL redirect
instead of handled exception.
-
LDAPSession.unbind() is explicitly called to immediately
close the LDAP connection if [Disconnect] was chosen by the user.
-
The URL generated for [Disconnect] link does not contain
a // (empty double slash) anymore to avoid compability problems with
Apache 2.x.
-
Corrected names of SSL-related configuration options in module
w2lapp.conninfo and example configuration file
web2ldapcnf.hosts.
Release Date: 2002-11-21
-
Fixed argument list when calling
w2lapp.schema.no_humanreadable_attr()
during vCard export.
Release Date: 2002-11-20
-
w2lapp.passwd:
If the schema does not allow userPassword attribute
to exist within the object classes of an entry the class
simpleSecurityObject if present in sub schema
is automagically added when the password is set.
-
w2lapp.read:
Fixed supression of displaying attributes which are already
display through HTML template in a correct schema-aware way.
-
Reactived code for displaying attributes of syntax
PostalAddress as multiple lines.
-
Keys of the configuration dictionary
web2ldapcnf.hosts.ldap_def
are handled as case-insensitive.
-
w2lapp.addmodifyform:
Separate select fields are displayed for structural and
auxiliary object classes when adding or modifying an entry.
-
w2lapp.addmodifyform:
If form parameter add_rdn is not given and there is only
one required attribute (except objectClass) the default
for the RDN input field (for chosing characteristic attribute)
is automagically chosen to be this attribute. The input field is
still editable though.
-
Avoid erronously displaying an input field for attributes
with transfer type ;binary.
-
Cleaned up the mess of using w2lapp.schema.no_humanreadable_attr()
and w2lapp.schema.no_userapp_attr().
Release Date: 2002-11-01
-
The input field for searching schema elements by OID or name
is displayed each time a schema element is displayed.
-
When querying for SRV RRs other record types in the DNS response
other than SRV are ignored.
-
Added certificate and CRL attribute types to
w2lapp.schema.syntaxes.syntax_registry for
LDAP servers which do not announce the proper syntax.
-
Dictionary defined with
search_tdtemplate
is handled through ldap.cidict.cidict (case-insensitive).
-
Cleaned up code for handling
search_tablistattrs
in w2lapp.search.
Release Date: 2002-10-20
-
Fixed argument list for login template string when
handling referrals.
Release Date: 2002-10-17
-
New form parameter login_filterstr in
login form for specifying the filter template used for
searching the user's entry. The default is set to the
value of binddnsearch.
Providing an empty string switches off the user entry search.
-
Placed handling of command monitor, locate and
connect into try-except-block for gracefully error handling.
-
Fix: In case of command locate method
form.getInputFields() was not called. Therefore
input was always empty.
-
Fixed w2lapp.gui.LDAPURLButton() to produce better
results if scope and/or filterstr of LDAP URl
are None.
Release Date: 2002-10-04
-
ValueError is raised in utctime.strptime()
if the length of the time string is wrong.
-
Unicode DN of subschema subentry is encoded to StringType
before passing it to LDAPObject.read_subschemasubentry_s().
Release Date: 2002-10-03
-
Enable synced setting of ntPassword and userPassword
in w2lapp.passwd if entry has object class sambaAccount.
-
w2lapp.addmodifyform.InputFormEntry.__getitem__()
more robust against empty attribute value lists.
-
Fixed argument list when calling w2lapp.core.log_exception()
from w2lapp.handler in debug mode.
-
Improvements, fixes and code-cleaning in module
w2lapp.groupadm:
-
Substituted constant in w2lapp.groupadm with
new parameter
groupadm_defs.
-
Fixed displaying the listing of all groups screwed up in 0.11.1.
-
Avoid sorting all group entry DNs a second time.
-
LDAPv3 sub schema is used for user_entry.
-
Corrected/simplified Unicode handling when setting
user_entry_attrvalue.
-
Removed need for importing deprecated module msbase.
-
Robuster handling if a group entry was deleted in the mean time.
-
Case insensitive handling of group entry object class names.
Release Date: 2002-09-27
-
Solved backward-compability issue with Python 2.1- caused by referring
to exception socket.gaierror.
-
Solved backward-compability issue with Python 2.1- caused by
nested scope in ldapsession.LDAPSession.open().
-
Distinguished names of group entries are handled
case-insensitive in w2lapp.groupadm.
-
Replaced hard-coded path value for parameter
schema_uri
in packaged configuration module with constructed relative path name.
-
Added (samAccountName=%s) to parameter
binddnsearch
in packaged default configuration.
-
Template file login.html was missing in package.
-
Some minor clean-ups in module ldapsession:
No import of module socket, dropped unused key-word argument
useThreadLock for ldapsession.LDAPSession.__init__()
and default of key-word argument traceFile is None.
-
If fake schema could not loaded the I/O exception is caught and
a log message is written to stderr. Will continue to start web2ldap
service. Currently writing the log message does not work when
running as FastCGI server...
-
Stripped configuration example for Apache/mod_fastcgi to
what's really needed.
Release Date: 2002-09-24
- New features
-
-
Full LDAPv3 schema handling as complete as it can be with
all those LDAP servers out there violating the LDAPv3 standard.
Note: This makes an upgrade to
python-ldap 2.0.0pre06+
necessary!
For LDAPv2 servers or if sub schema sub entry is not accessible
schema is read from locally stored LDIF file which you
can specify with new host-/backend paramter
schema_uri.
-
Built-in schema browser!
-
A new parameter
web2ldapcnf.misc.session_limit lets one
set a maximum number of currently persistent web sessions.
Note: This makes an upgrade to
PyWebLib 1.2.0
necessary!
-
Support for LDAP over SSL (ldaps://) and LDAP over
Unix domain socket (ldapi:///).
-
New host-/backend-specific parameters for certificate validation:
tls_cacertdir,
tls_cacertfile,
tls_certfile and
tls_keyfile.
-
Attributes to be requested can now be explicitly defined
in expert search form.
-
New run-mode
SCGI server.
- Incompatible configuration changes
-
-
Parameter web2ldapcnf.hosts.ldap_host_list removed and
substituted by web2ldapcnf.hosts.ldap_uri_list containing
a list of LDAP URLs.
-
Dropped support for
host-/backend-specific parameter dit. Code was kludgy
and it did not help much. Using the quick-link list defined
with addform_oc_list
is much more convenient.
-
Dropped support for
host-/backend-specific parameter hiddenattrs since
this only lead to a false sense of security.
- Changes in UI
-
-
Descriptive list of group entries in [groupadm] is
more pretty now. The descriptive title matches the name
listed in the group select lists.
-
If more than one possible user entry is found with smart login
a [Show] link is displayed which starts a search with search
parameters of smart login. This might aid users to pick the right
user entry.
-
If a search is done with scope ldap.SCOPE_SUBTREE search
continuations are displayed solely with one link named
[Continue search] which reuses the search scope and filter string.
-
UnicodeError exceptions are caught.
An appropriate error message is displayed.
-
A HTML template can be defined for the login form with
host-/backend-specific parameter
login_template.
-
The control ManageDsaIT is only displayed and tweaked in
[ConnInfo] if LDAP protocol version is LDAPv3. Otherwise
"not available" is displayed.
-
[ConnInfo] displays "Secured Connection: yes" in
case StartTLS ext op., LDAP over SSL or LDAP over Unix domain
socket was used successfully to connect.
-
Only descriptions are displayed in LDAP URL select list.
-
web2ldapcnf.hosts.ldap_uri_list may contain a mixed
list of strings (LDAP URLs) or 2-tuples of strings containing
LDAP URL and description.
-
Input fields are generated according to the LDAP syntax.
w2lapp.schema.syntaxes.LDAPSyntax.formField() returns
instance of input field for that purpose.
-
The context menu for single entries is displayed in more
situations (e.g. [modifyform], [delete], [rename], etc.).
- Small changes
-
-
No unneeded web sessions are stored anymore in case connecting
to a host was not successful or solely the entry page was
accessed. This was necessary to make
session_limit
work in a reasonable way.
-
sbin/occonf2ldapoc.py no longer shipped
since error-prone and outdated.
-
ldap.STRONG_AUTH_REQUIRED is handled exactly like
ldap.INSUFFICIENT_ACCESS.
-
socket.gaierror is handled exactly like
socket.error.
-
Malformed host:port parameters with colon
but without port number like e.g.
"localhost:" are handled more tolerant.
-
Updated example start/stop script in
etc/init.d/web2ldap.
-
ldapsession.LDAPSession.isLeafEntry() first trys to
read the operational attributes hasSubordinates and
subordinateCount before starting a one-level
search below.
-
Warning and error messages are displayed instead of unhandled
exception raised if user name specified by parameter
run_username
or command-line option -u does not exist.
-
To avoid UnicodeError being raised in case the directory data
contains malformed characters .encode() method and
unicode() function are called with argument
error='replace'
.
- Fixes
-
-
Unfortunately implementation of the parameter
requested_attrs
did not work with LDAP servers which do not implement wildcard
search correctly (e.g. Lotus Domino R5 and R6beta2). With these
servers only the attributes mentioned in requested_attrs were read.
This is fixed with a caveat: Command [Read] can take up to three search
requests and in some situations less data is pulled from server.
-
If started in multi-threaded stand-alone mode by user root
the built-in HTTP server did not respond although started
single-threaded worked. This was caused by dropping privileges with
calling os.setuid() after forking. That was fixed by calling
os.setuid() before detaching from console.
-
Probing for existing configuration entries in [ConnInfo]
does not choke on any LDAPError exceptions anymore.
-
Solved name alias problems with HTML templates in w2lapp.read
with the help of schema information. No matter which alias or OID is used
in an HTML template the attribute should be displayed correctly.
-
Solved problem with login form not passing around the scope
defined in an LDAP URL.
- Code cleaning
-
-
Many code changes were necessary due to schema-aware handling of
attribute types. Still not all issues are solved.
-
Searching in displaying missing parent entries in
w2lapp.add is done in separate functions
SearchMissingParentEntries() and
DisplayMissingParentEntries().
-
LDAP syntaxes are modeled by separate Python classes in new module
w2lapp.schema.syntaxes.
-
Moved outputting input form for chasing SRV RRs into
separate module w2lapp.srvrr.
-
Removed parameter web2ldapcnf.misc.ldap_knownattr
since inconstistent with LDAPv3 schema support.
-
Removed web2ldapcnf.misc.search_attrs since the
matching host-/backend specific parameter
web2ldapcnf.web2ldapcnf_hosts.search_attrs is
used to build the Advanced Search Form.
-
Simplified ldapsession.LDAPSession.renameEntry()
since we mandate use of newer python-ldap anyway.
-
Removed w2lapp.core.iso2display() and
w2lapp.core.input2utf().
-
Huge clean-ups in w2lapp.addmodifyform.
-
Form parameter ldap_oc not used in w2lapp.add
and w2lapp.modify anymore. Instead objectClass
attribute type and values are part of normal input.
-
w2lapp.gui.ErrorExitClass renamed to
w2lapp.gui.ErrorExit. ls and dn were
removed from argument list of w2lapp.gui.ErrorExit__init__().
-
Avoid mutable types and object instances as defaults for
key-word arguments. Substituted many key-word arguments
with normal arguments.
-
Incompatible clean-ups in module msHTTPServer:
-
Dropped support for SSL with module M2Crypto.
This was experimental and far from being as complete as
running with Apache and mod_ssl.
-
Removed all unused code and symbols for starting as
forking HTTP server.