From now, LemonLDAP::NG uses JSON serialization to store configuration and sessions instead of Storable::nfreeze
Perl function. This permits to have heterogenous servers connected to the same LL::NG organization (32/64 bits or different Perl versions). Old format still works but:
useStorable
to 1 in sessions backend options if you have some custom hooks.
Modern browsers do not take into account the autocomplete attribute in password fields anymore. This means even if you don't want users to remember the password, the browser will still propose it.
As it was not used anymore, this option is now removed. See https://jira.ow2.org/browse/LEMONLDAP-824 for more details.
Due to a too old Perl version and some missing modules, LL::NG is no more available for CentOS/RHEL 5 and 6. You need CentOS/RHEL 7 or a Debian based box to run this version of LL::NG.
You can no more set up a different protection
parameter for sessions explorer and configuration management. The protection
is used for all components, but can use access rules to manage authorizations between configuration, notifications and sessions:
^/(manager\.html|conf/) => $uid eq "dwho" default => $uid eq "dwho" or $uid eq "rtyler"
To request for authentication, handlers sent a 302 HTTP code, then portal sent the HTML form even if request was an Ajax one. From now, after being redirected by the Handler, a 401 code will be sent by the portal with a WWW-Authenticate
header containing “SSO <portal-URL>”. This is a little HTTP protocol hook created because browsers follow redirection transparently and we have to respond to JSON queries by JSON.
If you want to keep old behavior, set noAjaxHook
to 1 (in General Parameters → Advanced → Portal redirections → Keep redirections for Ajax).
Persistent sessions have a new attributes:
_session_uid
: real user identifier_utime
: creation timestampThese attributes allow to browse them in the sessions explorer. Old persistent sessions will automatically get these new attributes at user connexion.
The Multi backend configuration has changed. Now the stacks are defined in separate attributes:
So an old configuration like this:
authentication = Multi LDAP;DBI userDB = Multi LDAP;DBI
Must be replaced by:
authentication = Multi userDB = Multi multiAuthStack = LDAP;DBI multiUserDBStack = LDAP;DBI
Handler API has changed and specific Handlers have been rewritten. They still work but their configuration must be set in lemonldap-ng.ini
file instead of Manager. More details:
Note that some specific Handlers have been removed, you will not be able to use them anymore: