The latest release of mod_psldap provides new core capabilities to support new actions to register users, add ldap attributes and client side drag and drop editing of the LDAP records to reassign records to superiors, people to managers, and members to groups. A client side form validation framework was also introduced that simplifies validation through leverage of custom attributes on the input elements.
Fixed DocumentManager JS API to accomodate browser technology changes - mod_psldap now supports XSLT on the client without a round trip to the server to reaquire the XML and reset the default XSL
Addition of search status update in the tree div and processing status to the record editing div in alt_index.html
Implemented window resizing to fit content in editable forms popups
Enabled anonymous access through the module when a user is not provided
Implemented a Register action to force rebinding to ldap with credentials provided through the PsLDAPRegBindDN and PsLDAPRegBindPassword parameters configured in the Apache configuration for the module
Modified the DSML_editform.xsl to transform for registration specific view provided the dn attribute on the searchResultEntry node equals 'dc=registered'
Added operational attributes into the attribute set returned when an LDAP search is executed, allowing visibility to entryUUID, modifyTimestamp, createTimestamp, creatorsName, among other attributes
Eliminated potential security hole when using cookie based sessions
Modified LDAP session persistance to pull timestamp from the operational attribute modifyTimestamp to dtermine last access time for Apache session
Secured session cookies with HttpOnly option to reduce XSS attack risk - pending identification of browser support
Introduced validation framework in edit tools - invokes any function set in the psvalidate attribute of an input element in the context of the input element on form validation passing the argument list identified in a comma separate string following the function name in the attribute e.g. psvalidate='psldap_validateMinLength,7'
Introduced 4 standard validation methods: psldap_validateMinLength, psldap_validateMaxLength, psldap_validateEMail, psldap_validatePasswordStrength,
Fixed the configure script - the generated Makefile now provides reliable builds, installs, and bundling of the module
Enable drag and drop movement across organizational units and managers in the explorer tree via mouse actions against the image handles on each tree node
This is a patch fix against 0.91 to address defects identified in extended testing. This is a bug fix release to address variations on the initially tested configurations and restores isolation of site specific configurations to simplify an upgrade.
Moved common capabilities back out of DSML_sitefrags.xsl to leave that stylesheet for site specific customizations only - common capabilities are now in DSML_commonscript.xsl
Refactored the pageHeader template with pageHeaderWithRefClass to reduce duplicate code
Removed some hardcoded values from the DSML_vendors.xsl (enabled automatic population of the ldapDomains to all select elements with an id of 'dn') and made the template for servicesMgmt site specific
Corrected minor title setting bug on commonscript XSL
Extended vcard to include KEY, REV, PRODID, and CLASS, also fixing IM references to be compliant with RFC 4770
Fixed generated dsml structure to better match spec - pushed searchResponse back under a batchResponse node and change mgmt and org XSL back to reference the correct XPath
Fixed improper ServerPath inclusion in fully qualified path assembly - repairs issue with XML and XSL file parse for server side operations when recursive path link is not present
This release includes major performance improvement in transformation and finally allows for XSLT to be performed in the server. These changes were extended to allow the ability to add, edit, and delete records from handheld user agents in addition to providing single record download capabilities as specified file types (vCard now supported for download with a text/x-vcard MIME type)
Fixes to eliminate infinite loop in the vertical wrap to ensure IE displays the card view correctly and does not hang. This is related to a change in XSL based rendering in IE, requiring deferal of the wrap function call through a timeout.
Introduce session persistence to the LDAP store to offer an alternative to passing credentials in the cookie, replacing content instead with a session id. An additional alternative is also introduced to embed the session id in the URL
Introduced server side XSL transformation - integrated into vcard display for the contact records and in general response handling for blackberry user agents.
Fixed issue with poor handling of '&' in dn for URL reference to jpegPhoto which was causing some transformations to fail due to incorrect XML parsing
Completed the change to DSML response type for jpegPhoto inclusion in the stream to ensure requests from IE return a URL to the photo and not the binary stream while continuing to pass the encoded image to firefox / mozilla based browsers
Established uniform page head elements across all pages through introduction of XSL includes and imports
Introduced performance improvements by adding indexes in the XSL processing.
Introduced first page customizations for handheld user agents - initially only supporting blackberry - to include suppression of JS to wrap columns in the card style. UserAgent parameter added to all xsl templates via the new DSML_sitefrags.xsl inclusion. Telephone dialing, emailing, and SMS functional within handheld devices and tested on the blackberry.
Addition of xmlObjectTemplate parameter to ldapupdate handler and the Present action type to present XML documents directly from the server. Formerly, this was achieved by getting XML documents directly via HTTP get requests, but this did not accomodate agents - such as handheld or mobile phone browsers - that did not perform the transform via XSL.
Addition of the dlFilename parameter to ldap update handler to allow responses to be provided with an attachment disposition whose filename correlates to the value of the parameter.
This release focuses on improving the overall end user and administrative experience by providing better visibility when issues arise during edits and segregating LDAP configuration more distinctly from the presentation layer. In addition, we have introduced the capability to move contacts under new / different organizations.
More visible and legible status responses
Ability to dial contacts direct with skype, chat via yahoo
Classify and manage vendor contacts through introduction of the DSML_vendors.xsl and a new PSIndVendorAcct objectClass
Move contacts across nodes
Fixes to the contact photo presentation
Segregated browser side configuration into psldap_config.js
Implemented handling of multipart/form-data in post responses.
Implemented updates to LDAP backing store with binary data, allowing for the setting of the jpegPhoto field in the inetOrgPerson schema.
Fixed defect in delete handler for ldap records.
XSL/HTML Updates
Updates to sample XSL to add links for editing visible records in table and card view.
Fixed issue with password field in the new user XSL.
Also added field to insert jpegPhoto when editing inetOrgPerson records.
Allowed printing of name in table view XSL when CN is protected by accessing first and last name
Implemented new look and feel for edit form buttons
Set print css for the table view to style for printing
Modified index page for XSL sample interface to create new from an input select. Tweaked the layout of the index as well to make a little more user friendly.
Changed auth form internal redirect to send 302 response - fixes pages with relative references to other resources and authenticated directory requests.
Recognized failure to provide credentials as an auth failure, allowing denial after three attempts to authenticate without credentials.
Changed authorization handler to check for existence of user key definition and to decline authorization handling if the key is not defined. Authentication had already been checking this condition. This fixes a crash in the module.
Addition of configuration parameter, PsLDAPEnableAuth to control whether or not A&A is enabled. Set to 'on' by default.
Changed require group parsing to recognize group names with spaces when they are quoted with either single or double quotes. The type of quote used to delineate the group may not be used in the group name.