<liclass="level1"><divclass="li"> User module in authentication parameters now provides a “Same as authentication” value. You must revalidate it in the manager since all special values must be replaced by this <em>(Multi, Choice, Proxy, Slave, <abbrtitle="Security Assertion Markup Language">SAML</abbr>, OpenID*,…)</em></div>
</li>
<liclass="level1"><divclass="li"><strong>“Multi” doesn't exist anymore</strong>: it is replaced by the more powerful <ahref="authcombination.html"class="wikilink1"title="documentation:2.0:authcombination">Combination</a></div>
<divclass="noteimportant">Apache-ModPerl is no longer usable since version 2.4 <em>(many segfaults,…)</em>, especially when using mpm-worker. That's why LLNG doesn't use anymore ModPerl::Registry: all is now handle by FastCGI <em>(portal and manager)</em>.
<liclass="level1"><divclass="li"><strong>Syslog</strong>: logs are now configured only in <code>lemonldap-ng.ini</code> file. If you use Syslog, you must reconfigure it. See <ahref="logs.html"class="wikilink1"title="documentation:2.0:logs">logs</a> for more.</div>
</li>
<liclass="level1"><divclass="li"><strong>Apache2</strong>: Portal doesn't use anymore Apache2 logger. Logs continue to be written to Apache error.log but Apache “LogLevel” parameter has no effet on it: portal is now a FastCGI application and doesn't use anymore ModPerl. See <ahref="logs.html"class="wikilink1"title="documentation:2.0:logs">logs</a> for more.</div>
<liclass="level1"><divclass="li"><ahref="https://en.wikipedia.org/wiki/Cross-site_request_forgery"class="urlextern"title="https://en.wikipedia.org/wiki/Cross-site_request_forgery"rel="nofollow">CSRF</a> protection <em>(Cross-Site Request Forgery)</em>: a token is build for each form. To disable it, set requireToken to 0 <em>(portal security parameters in the manager)</em></div>
</li>
<liclass="level1"><divclass="li"><ahref="https://en.wikipedia.org/wiki/Content_Security_Policy"class="urlextern"title="https://en.wikipedia.org/wiki/Content_Security_Policy"rel="nofollow">Content-Security-Policy</a> header: portal build dynamically this header. You can modify default values in the manager <em>(Général parameters » Advanced parameters » Security » Content-Security-Policy)</em></div>
Now, <ahref="cda.html"class="wikilink1"title="documentation:2.0:cda">CDA</a>, <ahref="documentation/latest/applications/zimbra.html"class="wikilink1"title="documentation:latest:applications:zimbra">ZimbraPreAuth</a>, <ahref="securetoken.html"class="wikilink1"title="documentation:2.0:securetoken">SecureToken</a> and <ahref="handlerauthbasic.html"class="wikilink1"title="documentation:2.0:handlerauthbasic">AuthBasic</a> are <ahref="handlerarch.html"class="wikilink1"title="documentation:2.0:handlerarch">Handler Types</a>. So there is no more special file to load: you just have to choose “VirtualHost type” in the manager/VirtualHosts.
<liclass="level1"><divclass="li"> hostname() and remote_ip() are no more provided to avoid some name conflicts <em>(replaced by $ENV{})</em></div>
</li>
<liclass="level1"><divclass="li"><code>$ENV{<cgi_variable>}</code> is now available everywhere: see <ahref="writingrulesand_headers.html"class="wikilink1"title="documentation:2.0:writingrulesand_headers">Writing rules and headers</a></div>
</li>
<liclass="level1"><divclass="li"> some variable names have changed. See <ahref="variables.html"class="wikilink1"title="documentation:2.0:variables">variables</a> document</div>
Before 2.0, an Ajax query that was launched after session timeout received a 302 code. Now a response 401 is given. The <code>WWW-Authenticate</code> header contains: <code><abbrtitle="Single Sign On">SSO</abbr><portal-<abbrtitle="Uniform Resource Locator">URL</abbr>></code>
<liclass="level1"><divclass="li"> SOAP server activation is now split in 2 parameters (configuration/sessions). You must set them else SOAP service will be disabled</div>
<liclass="level1"><divclass="li"> Notifications are now REST/JSON by default. You can force old format in the manager. Note that SOAP proxy has changed: <ahref="http://portal/notifications"class="urlextern"title="http://portal/notifications"rel="nofollow">http://portal/notifications</a> now.</div>
<liclass="level1"><divclass="li"> If you use “adminSessions” endpoint with “singleSession*” features, you must upgrade all portals in the same time</div>
</li>
<liclass="level1"><divclass="li"> SOAP services can be replaced by new REST services</div>
<divclass="noteimportant"><ahref="handlerauthbasic.html"class="wikilink1"title="documentation:2.0:handlerauthbasic">AuthBasic Handler</a> uses now REST services instead of SOAP.
Portal has now many REST features and includes a plugin <abbrtitle="Application Programming Interface">API</abbr>. See Portal manpages to see how to write auth modules, issuers or other feature.
Portal is no more a big CGI object. it is written for Plack/PSGI. Little resume
</p>
<preclass="file">Portal object
|
+-> auth module
|
+-> userDB module
|
+-> issuer modules
|
+-> other plugins (notification,...)</pre>
<p>
The request is a separated object based on Lemonldap::NG::Portal::Main::Request which inherits from Lemonldap::NG::Common::PSGI::Request which inherits from Plack::Request. See manpages for more.
Handler libraries have been totally rewritten. If you've made custom handlers, they must be rewritten, see <ahref="customhandlers.html"class="wikilink1"title="documentation:2.0:customhandlers">customhandlers</a>.
</p>
<p>
If you had auto protected CGI, you also need to rewrite them, see <ahref="selfmadeapplication.html#perl_auto-protected_cgi"class="wikilink1"title="documentation:2.0:selfmadeapplication">documentation</a>.