[catagits/Catalyst-Authentication-Credential-HTTP.git] / Changes

1.015 2012-06-27
   - Add broken_dotnet_digest_without_query_string option

     Allows digest authentication from .NET, which does not include the
     query string in the uri in the digest Authorization header.

   - Fix broken synopsis. RT#75254

1.014 2012-02-05
   - Add require_ssl configuration setting.
   - Add no_unprompted_authorization_required configuration setting.

1.013 2010-12-14
   - Call store_digest_authorization_nonce() instead of $c->cache->set()
     in authenticate_digest() (RT#63669) (rjk)
   - Make Test::Exception and Test::MockObject be listed as test_requires
     rather than requires (RT#54029)
   - Skip WWW::Mech tests unless WWW::Mech is a new enough version (RT#55303).
   - Improve documentation for authenticate_digest() (rjk)
     - depends on Catalyst::Plugin::Cache, not Catalyst::Plugin::Session
     - reorganize and clarify

1.012 2010-03-07
   - Move actions out of the test applications to stop warnings.

   - Make Pod tests author only.

1.011 2009-06-26
   - Added true/false check to _debug option

1.010 2009-05-14
   - Moved tests out to t/lib/ (dhoss)

   - Add debug when a user is found, but passwords don't match (abraxxa)

1.009  2009-01-04
   - Remove use of _config accessor, which I'd stupidly cargo-culted.
     As we don't ever run in auth back-compat mode, we can store
     everything in instance data without worrying about conflicts.
     Note however - have to keep the accessor itself so that our
     parent class (which is still stupid and uses it) continues to work.

1.008  2008-12-10
  - Fix issue with the user not being authenticated into the correct
    realm, by not calling $c->set_authenticated ourselves, but instead
    just returning the user object. Fix suggested by Bernhard Graf. (t0m)
    - Add test for this (t0m)
  - Change $user to $user_obj in authenticate_digest for consistency (t0m)

1.007  2008-11-19
  - Add test for query strings in digest auth as digest header is built using
    the full URI (t0m)
  - Fix for this (Peter Corlett)
  - Fix warning when used with self_check => 1 (t0m)
  - Added respository info to META.yml (t0m)

1.006  2008-10-06
  - Added username_field configuration option. I need this to play
    nice with Catalyst::Authentication::Store::Tangram.
  - Doc cleanups / clarifications related to RT#39838

1.005  2008-09-25
  - Added better description of the use of the domains and
    use_uri_for options (info culled from RFC2617).
  - Split init method out to make this module easier to sub-class
    (used by Catalyst::Authentication::HTTP::Proxy).

1.004  2008-09-12
   - Add tests for use_uri_for configuration options.
   - Add tests and documentation for storing an MD5
     of "$user:$relam:$password" instead of cleartext password
     when doing digest auth.

1.003  2008-09-11
   - Add ability to override the realm name presented for authentication
     when calling $c->authenticate. Documentation and tests for this.
   - Clean up documentation of options inherited from 
     Catalyst::Authentication::Credential::Password.
   - Added an example of calling methods in the credential module from a 
     controller to the POD.
   - Tests for the authorization_required_message configuration parameter. 
   - Document use_uri_for configuration option
   - Document domain option (passed through from $c->authenticate) and add 
     tests for this option.

1.002  2008-09-03
   - Fix the assumptions that the password field is named password when doing 
     digest auth.

1.001  2008-09-02
   - Fix some of the assumptions about the user class by inheriting from the
     Catalyst::Authentication::Credential::Password module. This should make
     using DBIC as a store work correctly for basic auth.
   - Updated synopsis and todo list, this module still needs some work before
     it's ready for prime time again..

1.000  2008-09-01
   - Rename to remove Plugin from namespace. This is a pretty breaking change,
     as lots of things work differently with the new auth refactor.
   - Pull out some functionality which I think is better in other 
     modules (realms/stores). With the auth refactor, this module didn't need
     to do so much. If anyone misses any of the functionality, please yell at
     me and I'll put it back.

0.11  2008-07-12
    - Changed cache modules used in the tests to not be deprecated.
    - Fix RT#31036, and comply with RFC2617 Section 1.2.

0.10  2007-04-26
    - switch to Module::Install

0.09  2006-12-31
    - clean up tests
    - clean up docs
    - add body to 401 status

0.08  2006-10-12
    - Fix basic test when using Test::MockObject 1.07 (die if using undefined
      interfaces)

0.07  2006-09-12
    - Applied Ton Voon's patch that fixed option propagation for basic auth.

0.06  2006-09-07
    - Refactored internals into smaller methods
Commit	Line	Data
f3ed6bfb	1	1.015 2012-06-27
a3abf05a	2	- Add broken_dotnet_digest_without_query_string option
	3
	4	Allows digest authentication from .NET, which does not include the
	5	query string in the uri in the digest Authorization header.
	6
9a901542	7	- Fix broken synopsis. RT#75254
9a901542	8
9fd0d1fb	9	1.014 2012-02-05
282361af	10	- Add require_ssl configuration setting.
	11	- Add no_unprompted_authorization_required configuration setting.
	12
c90a7aa2	13	1.013 2010-12-14
6e2204bc	14	- Call store_digest_authorization_nonce() instead of $c->cache->set()
6e2204bc	15	in authenticate_digest() (RT#63669) (rjk)
ab6b1f6f	16	- Make Test::Exception and Test::MockObject be listed as test_requires
ab6b1f6f	17	rather than requires (RT#54029)
3aff571e	18	- Skip WWW::Mech tests unless WWW::Mech is a new enough version (RT#55303).
1cd102dc	19	- Improve documentation for authenticate_digest() (rjk)
	20	- depends on Catalyst::Plugin::Cache, not Catalyst::Plugin::Session
	21	- reorganize and clarify
3aff571e	22
bd020dd7	23	1.012 2010-03-07
	24	- Move actions out of the test applications to stop warnings.
	25
ac0351e1	26	- Make Pod tests author only.
ac0351e1	27
9c02f7aa	28	1.011 2009-06-26
9c02f7aa	29	- Added true/false check to _debug option
de3a252c	30
	31	1.010 2009-05-14
	32	- Moved tests out to t/lib/ (dhoss)
	33
8f5d966b	34	- Add debug when a user is found, but passwords don't match (abraxxa)
8f5d966b	35
afe44be8	36	1.009 2009-01-04
8f5d966b	37	- Remove use of _config accessor, which I'd stupidly cargo-culted.
8f5d966b	38	As we don't ever run in auth back-compat mode, we can store
afe44be8	39	everything in instance data without worrying about conflicts.
	40	Note however - have to keep the accessor itself so that our
	41	parent class (which is still stupid and uses it) continues to work.
	42
b5402c9e	43	1.008 2008-12-10
8f5d966b	44	- Fix issue with the user not being authenticated into the correct
b5402c9e	45	realm, by not calling $c->set_authenticated ourselves, but instead
	46	just returning the user object. Fix suggested by Bernhard Graf. (t0m)
	47	- Add test for this (t0m)
	48	- Change $user to $user_obj in authenticate_digest for consistency (t0m)
	49
2dad9ca6	50	1.007 2008-11-19
	51	- Add test for query strings in digest auth as digest header is built using
	52	the full URI (t0m)
	53	- Fix for this (Peter Corlett)
	54	- Fix warning when used with self_check => 1 (t0m)
	55	- Added respository info to META.yml (t0m)
e8cb49b7	56
a50635bf	57	1.006 2008-10-06
	58	- Added username_field configuration option. I need this to play
	59	nice with Catalyst::Authentication::Store::Tangram.
2101d025	60	- Doc cleanups / clarifications related to RT#39838
a50635bf	61
6cd8c8c7	62	1.005 2008-09-25
ea92acf7	63	- Added better description of the use of the domains and
ea92acf7	64	use_uri_for options (info culled from RFC2617).
6cd8c8c7	65	- Split init method out to make this module easier to sub-class
6cd8c8c7	66	(used by Catalyst::Authentication::HTTP::Proxy).
ea92acf7	67
c5a1fa88	68	1.004 2008-09-12
	69	- Add tests for use_uri_for configuration options.
	70	- Add tests and documentation for storing an MD5
	71	of "$user:$relam:$password" instead of cleartext password
	72	when doing digest auth.
	73
f1f73b53	74	1.003 2008-09-11
bf399285	75	- Add ability to override the realm name presented for authentication
05512a69	76	when calling $c->authenticate. Documentation and tests for this.
bf399285	77	- Clean up documentation of options inherited from
05512a69	78	Catalyst::Authentication::Credential::Password.
031f556c	79	- Added an example of calling methods in the credential module from a
031f556c	80	controller to the POD.
05512a69	81	- Tests for the authorization_required_message configuration parameter.
05512a69	82	- Document use_uri_for configuration option
f1f73b53	83	- Document domain option (passed through from $c->authenticate) and add
f1f73b53	84	tests for this option.
bf399285	85
490754a8	86	1.002 2008-09-03
	87	- Fix the assumptions that the password field is named password when doing
	88	digest auth.
	89
	90	1.001 2008-09-02
	91	- Fix some of the assumptions about the user class by inheriting from the
	92	Catalyst::Authentication::Credential::Password module. This should make
	93	using DBIC as a store work correctly for basic auth.
	94	- Updated synopsis and todo list, this module still needs some work before
	95	it's ready for prime time again..
	96
	97	1.000 2008-09-01
513d8ab6	98	- Rename to remove Plugin from namespace. This is a pretty breaking change,
	99	as lots of things work differently with the new auth refactor.
	100	- Pull out some functionality which I think is better in other
	101	modules (realms/stores). With the auth refactor, this module didn't need
	102	to do so much. If anyone misses any of the functionality, please yell at
	103	me and I'll put it back.
	104
	105	0.11 2008-07-12
5b51e987	106	- Changed cache modules used in the tests to not be deprecated.
6afc3665	107	- Fix RT#31036, and comply with RFC2617 Section 1.2.
5b51e987	108
826670f9	109	0.10 2007-04-26
	110	- switch to Module::Install
	111
	112	0.09 2006-12-31
	113	- clean up tests
	114	- clean up docs
	115	- add body to 401 status
	116
	117	0.08 2006-10-12
2d4d6aac	118	- Fix basic test when using Test::MockObject 1.07 (die if using undefined
2d4d6aac	119	interfaces)
4e8cbd42	120
826670f9	121	0.07 2006-09-12
e9684b75	122	- Applied Ton Voon's patch that fixed option propagation for basic auth.
e9684b75	123
826670f9	124	0.06 2006-09-07
e9684b75	125	- Refactored internals into smaller methods