Release announcement for Pubcookie 3.0.0 Beta1:
Release Announcement: Pubcookie 3.0.0 Beta 1
The Pubcookie team is pleased to announce the availability of a new
release of the Pubcookie web single-signon package: Pubcookie 3.0.0
Beta 1. This is a beta-test release, comprising of new login server
and Apache module components. We encourage interested parties to
deploy this version in test and pilot environments, and to provide
feedback to the Pubcookie team. We expect to release a final 3.0
version sometime in September.
Please see the newly-redesigned Pubcookie web site for information
about the package and the project, including download, development,
and mailing list info:
Pubcookie 3.0.0-beta1 includes a number of new features (many of them
implemented by developers from Carnegie Mellon University and the
University of Wisconsin, who have joined the core development team),
as well as portability and deployability improvements over previous
* LDAP and local (e.g. /etc/shadow) username/password verifiers.
* Pluggable backend verifier interface. This permits adding new
username/password verifier methods by writing to a simple interface.
* Build via standard GNU config/make (ie, using autoconf).
* "Login flavors" abstraction. This permits sites to implement
distinct login policy schemes that can be called independently by
applications. A "basic" scheme is provided that should meet the
needs of many sites, providing single signon and logout features.
* Logout from weblogin session. Pages on weblogin server, callable
by end-user or modules, that delete login (SSO) cookie.
* Configurable authentication-type labels for Apache and Microsoft IIS.
* Improved encryption key distribution.
* Configurable logging.
* Multiple realm support in the Kerberos password verifier.
* "Kiosk mode". Browser identified by configurable user-agent string
is given short login (SSO) session length.
* "Pre-session cookie". Prevents some malicious-site cookie-grabbing
These enhancements, plus the usual minor improvements, code cleanups,
and documentation improvements make this release easier to evaluate,
customize, integrate, and deploy than previous releases, and should
make Pubcookie a useful web single sign-on package for many sites.
Notes for this release:
* Support for the Pubcookie ISAPI filter, i.e. the Pubcookie
component for the Microsoft IIS web server, is *not* currently
working in 3.0.0-beta1. This component should be working again
* Pubcookie 3.0.0-beta1 is *not* on-the-wire compatible with previous
versions. Sites running previous versions of Pubcookie will need to
deploy new modules, weblogin servers, and keys.
We encourage users and testers of Pubcookie to subscribe to the
pubcookie-users mailing list. Email firstname.lastname@example.org and
subscribe pubcookie-users Your Name
in the body of the message. There is also a low-volume announcements
list, which can be subscribed to via
subscribe pubcookie-announce Your Name
to which announcements such as this one will be sent.
Specific questions about Pubcookie or this release can be directed to:
University of Washington