Pubcookie Home > News 
 
Pubcookie Homepage Pubcookie News
Announcing Pubcookie 3.0.0 Beta1
Component:  Pubcookie 3.0.0-beta1
Audience:  All
Modified:  December 8, 2005

Release announcement for Pubcookie 3.0.0 Beta1:

Release Announcement: Pubcookie 3.0.0 Beta 1

The Pubcookie team is pleased to announce the availability of a new
release of the Pubcookie web single-signon package: Pubcookie 3.0.0 
Beta 1. This is a beta-test release, comprising of new login server 
and Apache module components.  We encourage interested parties to
deploy this version in test and pilot environments, and to provide
feedback to the Pubcookie team.  We expect to release a final 3.0
version sometime in September.

Please see the newly-redesigned Pubcookie web site for information
about the package and the project, including download, development,
and mailing list info:

  http://www.washington.edu/pubcookie/

Pubcookie 3.0.0-beta1 includes a number of new features (many of them
implemented by developers from Carnegie Mellon University and the
University of Wisconsin, who have joined the core development team), 
as well as portability and deployability improvements over previous 
versions, including:

  * LDAP and local (e.g. /etc/shadow) username/password verifiers.

  * Pluggable backend verifier interface.  This permits adding new
    username/password verifier methods by writing to a simple interface.

  * Build via standard GNU config/make (ie, using autoconf).

  * "Login flavors" abstraction.  This permits sites to implement
    distinct login policy schemes that can be called independently by
    applications.  A "basic" scheme is provided that should meet the
    needs of many sites, providing single signon and logout features.

  * Logout from weblogin session.  Pages on weblogin server, callable
    by end-user or modules, that delete login (SSO) cookie.

  * Configurable authentication-type labels for Apache and Microsoft IIS.

  * Improved encryption key distribution.

  * Configurable logging.

  * Multiple realm support in the Kerberos password verifier.

  * "Kiosk mode".  Browser identified by configurable user-agent string
    is given short login (SSO) session length.

  * "Pre-session cookie".  Prevents some malicious-site cookie-grabbing
    attacks.

These enhancements, plus the usual minor improvements, code cleanups,
and documentation improvements make this release easier to evaluate,
customize, integrate, and deploy than previous releases, and should
make Pubcookie a useful web single sign-on package for many sites.

Notes for this release:

  * Support for the Pubcookie ISAPI filter, i.e. the Pubcookie 
    component for the Microsoft IIS web server, is *not* currently 
    working in 3.0.0-beta1.  This component should be working again 
    shortly.

  * Pubcookie 3.0.0-beta1 is *not* on-the-wire compatible with previous 
    versions.  Sites running previous versions of Pubcookie will need to 
    deploy new modules, weblogin servers, and keys.

We encourage users and testers of Pubcookie to subscribe to the
pubcookie-users mailing list.  Email listproc@u.washington.edu and
include:

  subscribe pubcookie-users Your Name

in the body of the message.  There is also a low-volume announcements
list, which can be subscribed to via

  subscribe pubcookie-announce Your Name

to which announcements such as this one will be sent.

Specific questions about Pubcookie or this release can be directed to:

Nathan Dors
Pubcookie Project
University of Washington
Phone: 206/543-0624
FAX: 206/221-6966
E-Mail: pubcookie-ext@cac.washington.edu


[Pubcookie Home Page]
Copyright © 2002-2008 University of Washington
UW Technology Services
Pubcookie Contact Info
Modified: December 8, 2005