Changes 0.15.x

History of released versions

1.4| 1.3| 1.2| 1.1| 1.0| 0.16.x| 0.15.x| 0.14.x| 0.13.x| 0.12.x| 0.11.x| 0.10.x| 0.9.x| 0.8.x| 0.7.x| Ancient| Overview

0.15.22

Release Date: 2005-10-17

0.15.21

Release Date: 2005-10-13

0.15.20

Release Date: 2005-10-09

0.15.19

Release Date: 2005-09-29

Credits go to Claudia D. for her proposals improving the user interface.

0.15.18

Release Date: 2005-09-26

0.15.17

Release Date: 2005-09-25

0.15.16

Release Date: 2005-09-21

0.15.15

Release Date: 2005-09-20

0.15.14

Release Date: 2005-09-17

0.15.13

Release Date: 2005-08-30

0.15.12

Release Date: 2005-06-26

0.15.11

Release Date: 2005-06-21

Installation and Configuration changes
  • List of ISO 3166-2, numeric country codes and country names defined in new configuration sub-module web2ldapcnf.countries.
New features/enhancements
  • Added general configuration parameter web2ldapcnf.ldap_opt_debug_level for setting debug level of OpenLDAP libs.
  • Implemented eDirectory-specific plug-in class TaggedNameAndString.
  • Added plug-in module for OpenLDAP.
  • Added plug-in classes CountryCode and LogonHours for MS AD.
  • When modifying an entry the DIT content rule which governs the structural object class is displayed with a link to this rule in the schema browser.
  • In the search result list the attribute msDS-Approx-Immed-Subordinates is used if available to determine if it does make sense to display a [Down] link.
  • LDAP URLs in query strings (e.g. used for web2ldap-bookmarks) can now have the following LDAP URL extensions for specifying the SASL login parameters: x-saslmech, x-saslauthzid and x-saslrealm.
  • When displaying connection information all possible rootDSE attributes are taken into account instead of dumb probing all known monitor and configuration DNs.
Bug Fixes and Work-Arounds
  • Exception ldap.INSUFFICIENT_ACCESS is ignored in getUmichConfig() to avoid this exception being raised to user.
  • Recursive delete is hopefully more resistent against being caught in an end-less loop when working a buggy LDAP server.
  • Fixed handling of non-existing or empty namingContexts attribute in RootDSE.
  • The operational attribute structuralObjectClass is supposed to be SINGLE-VALUE but some broken LDAPv3 server implementations (e.g. Active Directory) return all the superior structural object classes as attribute values.
    There was a work-around added for that which fixes determining the correct DIT content in rule in effect on those broken servers.
  • Fixed input of bind DN with NON-ASCII chars in login form.
  • LDAP URLs with standard port numbers used as keys in cascaded configuration are matched with our without the port number.
Code cleaning
  • Some modifications in the syntax / attribute type class implementation which also clean-ups the plug-in implementations. Many syntaxes added.

0.15.10

Release Date: 2005-04-29

0.15.9

Release Date: 2005-02-15

0.15.8

Release Date: 2005-02-07

0.15.7

Release Date: 2005-02-05

0.15.6

Release Date: 2004-12-02

0.15.5

Release Date: 2004-11-18

0.15.4

Release Date: 2004-11-11

0.15.3

Release Date: 2004-10-26

0.15.2

Release Date: 2004-08-21

0.15.1

Release Date: 2004-08-05

Security fixes!
  • Fixed error handling where client-generated parameters displayed in various error messages could be exploited for cross-site scripting (XSS) attacks. All web2ldap versions prior to this version are considered vulnerable.
Bug fixes
  • Fixed backward-compability issue with Python 2.0 by avoiding use of function inspect.isclass().

0.15.0

Release Date: 2004-07-29

Installation and Configuration changes
  • The host:port form in the cascaded configuration was abandoned. All string-keys MUST be valid LDAP URLs except the single underscore for the default section. Additionally one can group configuration parameters around a common base DN (AKA as search root AKA naming context) by specifying a LDAP URL with empty hostport part. (see section Cascaded configuration).
  • Note: This release requires upgrading to python-ldap 2.0.1 which contains an important bug fix.
  • Performance optimization module psyco is imported if available.
New features/enhancements
  • Sort of a rudimental plug-in interface for syntax and attribute-type classes. Added plug-in example module for attribute types c and gender.
  • Added plug-in classes for vendor-specific syntaxes and/or attribute types:
  • New host-specific parameter link_css allows to set different style sheets (CSS URL) for different servers / naming contexts.
  • A multi-select field is also displayed for abstract object classes when adding or modifying entries. E.g. this preserves object class top in an existing entry.
  • If attribute schemaNamingContext is present in RootDSE (e.g. with MS AD) a link is displayed in the schema viewer to the relating schema element entry found under the schema naming context.
  • Attribute values of syntax OctetString can now be edited in hex-dump format.
  • Support for SASL mechanism NTLM.
  • LDAP URLs as string keys for configuration dictionary are now normalized before building w2lapp.cnf.ldap_def. This should lead to a more robust configuration behaviour.
Bug Fixes
  • Fixed displaying anonymous login in case a username or bind-DN was given without password.
  • Equals sign added as allowed character to regex pattern for PrintableString.
  • urllib.quote() is used instead of urllib_plus.quote() which fixes some strange errors with DNs passed around in URLs.
  • Added additional check whether to explicitly add object class attribute to set of required attributes in input form. This is a work-around for LDAP servers which mark the objectClass attribute as not user-modifiable (e.g. MS Active Directory)
  • Properly fall-back to binary download if there is no special handler for viewing a single binary attribute.
  • Imports of sndhdr and StringIO were missing for w2lapp.schema.syntaxes.Audio.
Code cleaning
  • Got rid of calling eval() in pisces.asn1 to be more friendly to psyco.
  • Removed some of the special attribute value detections in w2lapp.schema.syntaxes.LDAPSyntax.displayValue().