2 - Add broken_dotnet_digest_without_query_string option
4 Allows digest authentication from .NET, which does not include the
5 query string in the uri in the digest Authorization header.
8 - Fix broken synopsis. RT#75254
11 - Add require_ssl configuration setting.
12 - Add no_unprompted_authorization_required configuration setting.
15 - Call store_digest_authorization_nonce() instead of $c->cache->set()
16 in authenticate_digest() (RT#63669) (rjk)
17 - Make Test::Exception and Test::MockObject be listed as test_requires
18 rather than requires (RT#54029)
19 - Skip WWW::Mech tests unless WWW::Mech is a new enough version (RT#55303).
20 - Improve documentation for authenticate_digest() (rjk)
21 - depends on Catalyst::Plugin::Cache, not Catalyst::Plugin::Session
22 - reorganize and clarify
25 - Move actions out of the test applications to stop warnings.
27 - Make Pod tests author only.
30 - Added true/false check to _debug option
33 - Moved tests out to t/lib/ (dhoss)
35 - Add debug when a user is found, but passwords don't match (abraxxa)
38 - Remove use of _config accessor, which I'd stupidly cargo-culted.
39 As we don't ever run in auth back-compat mode, we can store
40 everything in instance data without worrying about conflicts.
41 Note however - have to keep the accessor itself so that our
42 parent class (which is still stupid and uses it) continues to work.
45 - Fix issue with the user not being authenticated into the correct
46 realm, by not calling $c->set_authenticated ourselves, but instead
47 just returning the user object. Fix suggested by Bernhard Graf. (t0m)
48 - Add test for this (t0m)
49 - Change $user to $user_obj in authenticate_digest for consistency (t0m)
52 - Add test for query strings in digest auth as digest header is built using
54 - Fix for this (Peter Corlett)
55 - Fix warning when used with self_check => 1 (t0m)
56 - Added respository info to META.yml (t0m)
59 - Added username_field configuration option. I need this to play
60 nice with Catalyst::Authentication::Store::Tangram.
61 - Doc cleanups / clarifications related to RT#39838
64 - Added better description of the use of the domains and
65 use_uri_for options (info culled from RFC2617).
66 - Split init method out to make this module easier to sub-class
67 (used by Catalyst::Authentication::HTTP::Proxy).
70 - Add tests for use_uri_for configuration options.
71 - Add tests and documentation for storing an MD5
72 of "$user:$relam:$password" instead of cleartext password
73 when doing digest auth.
76 - Add ability to override the realm name presented for authentication
77 when calling $c->authenticate. Documentation and tests for this.
78 - Clean up documentation of options inherited from
79 Catalyst::Authentication::Credential::Password.
80 - Added an example of calling methods in the credential module from a
81 controller to the POD.
82 - Tests for the authorization_required_message configuration parameter.
83 - Document use_uri_for configuration option
84 - Document domain option (passed through from $c->authenticate) and add
85 tests for this option.
88 - Fix the assumptions that the password field is named password when doing
92 - Fix some of the assumptions about the user class by inheriting from the
93 Catalyst::Authentication::Credential::Password module. This should make
94 using DBIC as a store work correctly for basic auth.
95 - Updated synopsis and todo list, this module still needs some work before
96 it's ready for prime time again..
99 - Rename to remove Plugin from namespace. This is a pretty breaking change,
100 as lots of things work differently with the new auth refactor.
101 - Pull out some functionality which I think is better in other
102 modules (realms/stores). With the auth refactor, this module didn't need
103 to do so much. If anyone misses any of the functionality, please yell at
104 me and I'll put it back.
107 - Changed cache modules used in the tests to not be deprecated.
108 - Fix RT#31036, and comply with RFC2617 Section 1.2.
111 - switch to Module::Install
116 - add body to 401 status
119 - Fix basic test when using Test::MockObject 1.07 (die if using undefined
123 - Applied Ton Voon's patch that fixed option propagation for basic auth.
126 - Refactored internals into smaller methods