WP Cassify

2.4.1

• Log debug/info messages only if debug mode is enabled in plugin settings or if WP_DEBUG is enabled. Fix some logs.
• Fix(upgrade): restore URL bypass to ‘enabled’ on existing sites that never explicitly saved the option, preventing broken super-admin access after upgrade from pre-2.4.1.
• Feat: add WP_CASSIFY_ENABLE_URL_BYPASS constant support in wp-config.php to force URL bypass independently of the UI setting. Recommended for multisite super-admins: define( ‘WP_CASSIFY_ENABLE_URL_BYPASS’, true );

2.4.0

• Fix : let ‘name of the service validate servlet’ be customized
• Feat(security): validate CAS service URL with host allowlist and backward-compatible monitor mode
• Security: URL bypass is now disabled by default and bypass parameter name/value are configurable
• Improve die messages.
• Remove jquery dependency for admin interface, use vanilla js instead.
• Security: harden input handling, unserialize, and admin output escaping
• Hardened WP-Cassify’s rule engine for more robust parsing and evaluation.
• Improved query handling in uninstall and configuration import routines
• Fix some logs

2.3.9

• Just fix tag in wp-cassify.php

2.3.8

• No session_start for cron/ajax requests

2.3.7

• Fix -NCONTAINS and -NOTIN rule evaluations.

2.3.6

• Fix and simplify wp_cassify_logout_with_redirect shortcode
• Sanitize service_redirect_url in wp_cassify_login_with_redirect to prevent potential XSS (reported by Muhammad Yudha via Patchstack).
• Fix ‘Notice: Function _load_textdomain_just_in_time was called incorrectly.’

2.3.5

• Fix PHP start session only when needed (fix) – thanks to @kkatpcc
• Fix grammar in die message of wp_cassify_auth_user_wordpress – thanks to Randy Hammond

2.3.4

• Fix wp_cassify_notification_rule_matched

2.3.3

• Fix PHP start session only when needed – thanks to @partyka
• Fix PHP warning parse_str – thanks to @erseco
• Fix PHP warnings
• Ensure to run jquery when DOM is ready
• Fix CAS Single Log Out feature

2.3.2

• Fix PHP8 support

2.3.1

• New custom hook wp_cassify_after_auth_user_wordpress

2.3.0

• Some bugfix

2.2.9

• Add PHP8 support (experimental). Reordering optionnal parameters to delete PHP8 deprecated warnings. Replace deprecated method wp_get_sites() by get_sites().

2.2.8

• Add new parameter to custom filter wp_cassify_grab_service_ticket_roles_to_push. Now you can use $cas_user_datas inside filter.

2.2.7

• Bug fix on multivalued fields with IN operator

2.2.6

• Bug fix on handle multivalued fields

2.2.5

• Handle multivalued fields (thanks to jusabatier)

2.2.2

• SLO (Single Log Out) support (thanks to dedotombo and me)
• Adding NCONTAINS operator (thanks to blandman)
• Fix bug on Gateway mode (autologin) (thanks to dedotombo again). Now it’s now necessary to hack theme files to fire it.
• Adding option logout on authentication failure to not disturb users
• Initialize PHP session at a later stage (on wp_loaded not on init)

2.2.1

• Fix incorrect PHP version requirement, thanks to olhovsky.
• Fix PHP7 warnings, thanks to vbonamy.
• Fix serviceUrl with parameters, thanks to franck86
• Add new parameter settings for cURL : CA_PATH, CA_INFO, thanks to Basile

2.2

• Replace SwiftMailer by native wordpress mailing library PHPMailer. Replace usage of deprecated MCrypt library by openssl. Somes bug fixes.

2.1.9

• Fix error with recent version of JetPack.

2.1.8

• Add support for Pantheon environments. Thanks to Jesse Loesberg.
• Fix error on uninstall if table does not exists

2.1.7

• Adding meta require PHP version. Fixing error : fix restore configuration filein multi-site configuration. (Thanks to buddywhatshisname)

2.1.6

• Fixing error : fix backup file download in multi-site configuration. (Thanks to buddywhatshisname)

2.1.5

• Fixing error : removing extra slash from logo url

2.1.1

• Fix missing file autoload_static.php

2.1.0

• Fix SVN error

2.0.9

• Upgrade SwiftMailer library to 6.0.2.

2.0.8

• Add ‘-IN’ and ‘-NOTIN’ operators to process array attributes values.

2.0.7

• Add new filter wp_cassify_override_service_validate_url. Build you own service validate url. Very useful when you’re behind loadbalancer.

2.0.6

• Add new feature : Purge user roles before applying rules (syncing wordpress local roles with CAS user attributes)
• Add new shortcode : wp_cassify_logout_with_redirect
• Some bug fixes

2.0.4

• Fix bug on PHP Strict standards.

2.0.2

• Fix bugs on backup/import configuration settings

1.9.9

• Backup / Restore plugin configuration options settings

1.9.7

• Add support for multivaluated field in wp_cassify_parse_xml_response and in wp_cassify_sync_user_metadata.
• Bug fix on duplicate path with php7. Thanks to Richard Tape.

1.9.6

• Some bug fixes.

1.9.4

• Debug settings, dump last xml cas server response.

1.9.3

• Bug fix on rule solver (on NEQ operator)

1.9.2

• Bug fix on rule solver

1.9.1

• If plugin is network activated, you can define User Role Rule scope by blog id.

1.9.0

• Security fix.

1.8.9

• Bug fix on local logout.

1.8.8

• In multisite support in subdomain configuration, add an option to override service url.
• Add filter wp_cassify_redirect_service_url_filter

1.8.6

• Test multisite support in subdomain configuration.
• Fix bug on gateway mode.
• Remove function force_user_member_of_blog.

1.8.5

• Add function force_user_member_of_blog.

1.8.3

• Bug fix on user automatic creation.

1.8.2

• Add youtube video in plugin description.

1.8.1

• Bug fix on logout from local wordpress auth.

1.8.0

• Bug fix on service url with querystring parameter.

1.7.9

• Detect if user has already authenticated by CAS from your public pages and perform auto-login. Include this in
  your index.php or in another template file inside your theme (It use CAS gateway mode) :

  if ( isset($GLOBALS[‘wp-cassify’]) ) {
  $GLOBALS[‘wp-cassify’]->wp_cassify_check_authentication();
  }

1.7.4

• Bug fixes on notifications configuration settings.
• Bug fixes on notification message sending.

1.7.2

• Define user account expiration rules bases on CAS User attributes !

1.7.0

• Bug fix : Suscriber role overwrite all other roles. Suscriber role is pushed only if user account is recently created.

1.6.9

• Warning bugs fixes.

1.6.8

• Bug fix
• Add custom hooks : wp_cassify_before_auth_user_wordpress, wp_cassify_before_redirect, wp_cassify_after_redirect. (See online documentation)

1.6.7

• Suscriber role is pushed by default when user is successfully authenticated by CAS.

1.6.6

• Bug fix
• Add custom hook : wp_cassify_before_auth_user_wordpress

1.6.5

• Add support for web application hosted behind a reverse proxy. (Thanks to franck86).

1.6.4

• Add shortcode to generate login CAS link with redirect.

1.6.3

• Fix bug on javascript control UI.

1.6.2

• Send email notifications when trigger is fired (after user account creation, after user login/logout).

1.6.1

• Email notifications when user account is created.

1.6.0

• New admin interface with metaboxes.
• Fix Bug multi-select fields if network activated.

1.5.9

• Fix Bug on synchronization between CAS User attributes and WordPress User metas

1.5.8

• Fix SSL Certificate probleme. Reintroduce cURL function instead of wp_remote_get function.
• Add SSL Configuration option : SSL Check Certificate wich turn on/off CURLOPT_SSL_VERIFYPEER option.

1.5.7

• Replace cURL function with wp_remote_get function. Now plugin does not require php5-curl.
• Add notice message on admin screen.

1.5.6

• Custom hook to perform actions just after cas authentication. Hook name : wp_cassify_after_cas_authentication
• Custom hook to perform custom cas server response parsing. Hook name : wp_cassify_custom_parsing_cas_xml_response

1.5.5

• Some bug fixes.

1.5.4

• Add custom GET parameter (?wp_cassify_bypass=bypass) to bypass CAS Authentication on certain urls. See online documentation for more infos. Bug fixes on Authorization rule editor.

1.5.3

• Some bug fixes. Security fixes.

1.5.2

• Some bug fixes.

1.5.1

• Synchronize WordPress User metas with CAS User attributes

1.5

• User Role Rule Editor : set user wordpress role according to CAS Attributes values.

1.2

• Multisite configuration possible if network activated.

1.0

• First version.