Search Mailing List Archives
WebAuth 3.5.4 released
eagle at windlord.stanford.edu
Tue Apr 24 15:14:39 PDT 2007
The ITS WebAuth team is pleased to announce Stanford WebAuth 3.5.4. This
release fixes mod_webauthldap configuration parsing, adds various minor
feature enhancements, and improves presentation of Shibboleth IdP
For documentation and downloads of WebAuth 3.5.4, see:
We have not yet updated the Red Hat and Solaris builds.
The user-visible changes in this release are:
*) Add a configuration option to WebLogin to attempt to decode return
URLs pointing to a Shibboleth IdP and display on the confirmation page
the final destination instead of the intermediate IdP.
*) For pages that the browser should reload each time (WebAuthDoLogout or
WebAuthDontCache), also always set the content modification time to
now. Otherwise, the browser may check the last modification time on
the page and then serve its cached copy, ignoring any new Cookie
headers from the server (such as cookie clearing from a logout page).
*) For WebAuthDoLogout, WebAuthDontCache, and all WebLogin pages, set
Cache-Control: no-store as well as no-cache. no-store wasn't really
intended for this purpose but preventing the browser from keeping a
local copy is more likely to force the behavior we want. (This is
probably not necessary given the above change, but shouldn't hurt.)
*) Properly merge configuration settings in mod_webauthldap. This will
correct problems with WebAuthLdapAuthrule, WebAuthLdapFilter, and
WebAuthLdapPort configuration options not being honored inside virtual
hosts. Thanks to Wadud Miah for the bug report.
*) Refresh the REMOTE_USER configuration cookie on each WebLogin page
visit so that it won't expire if the user is using WebLogin
*) Document the cookies used by the WebLogin service.
*) Read ticket defaults from krb5.conf properly when built with Heimdal.
*) Fix configure logic and Kerberos library analysis on systems with
multiple versions of Kerberos installed.
If you have any problems or questions, please send mail to the
webauth-info mailing list or (for Stanford users) file a HelpSU ticket.
Russ Allbery <eagle at windlord.stanford.edu>
Technical Lead, ITS Unix Systems and Applications, Stanford University
More information about the webauth-info