Google Git
Sign in
apache / jspwiki / refs/tags/jspwiki_2_5_124_beta / . / ChangeLog
blob: 073e25c8f844cf6c5d77bd632cb251032503387e [file] [log] [blame]
2007-08-25 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.5.124
* [Bug 89]: Removed Test plugin (now that IfPlugin can do all the
same things).
* [Bug 32]: LuceneSearchProvider now also indexes the page
with all the non-letters removed.
* [Bug 121]: RSS.rdf is now only generated of pages to which
the Anonymous user has access to.
2007-08-24 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.5.123
* Added Murray's patch to allow static calling of IfPlugin.
2007-08-22 Dirk Frederickx (dirk.frederickx@gmail.com)
* 2.5.122
* [Bug 113]: Error with 'join wiki now!' link creating new accounts
2007-08-22 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.5.121
* [Bug 10]: Fixed.
* Made findSuggestionMenu transparent since it sometimes blocks
the view. Also reduced fontsize a bit.
2007-08-21 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.5.120
* [Bug 89]: Added support also for [{If var='xyssy' exists='true'}],
requested by Dirk.
* Localized WeblogEntryPlugin (strangely enough, the plugin text
was already in the resource file.)
* [Bug 39]: Fixed the login issue, but many things still remain.
* Fixed issue with login email sending which was using a hard-coded
URL.
2007-08-19 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.5.119
* [Bug 89]: Added "exists" parameter to IfPlugin.
2007-08-19 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.5.118
* [Bug 110]: WikiContext.checkAccess() was doing double encoding,
and therefore pages with spaces would be returning wrong login
URLs. Reported by Alex Samad.
* Fixed a bunch of failing unit tests - the change of "editpage"
to "createpage" had for some reason slipped everyone's attention.
2007-08-17 Juan Pablo Santos <juanpablo.santos@gmail.com>
* 2.5.117 - Page renaming caused a NullPointerException under some circumstances,
filed as Bug 85. Fixed, seemed to be caused when renaming a non-existing page
(cfr. with http://bugs.jspwiki.org/show_bug.cgi?id=85). Added some JUnit tests to
check this.
2007-08-15 Dirk Frederickx (dirk.frederickx@gmail.com)
* 2.5.116 - More fixes for IE
* More fixes for collapsable lists and the Greeting box.
* Positioning of popup menu's now also correct on IE.
* CSS-classes were added reflect anonymous, asserted, authenticed status.
The SMART skin has user icons reflecting the login status.
(suggested by Murray Altheim)
2007-08-12 Dirk Frederickx (dirk.frederickx@gmail.com)
* 2.5.115 - More IE fixes (more to come)
* Collapsable lists were not working in the current STRICT DTD mode,
due to a remarkable IE bug (ref. http://mt-olympus.com/emmett/bug_overflow_positionrelative.php )
* The USER greeting box needed an fix, for IE.
* Fixed the visibility of the Attachment Tab for IE
* The handling of the user profile Creation (under login context) and
user profile modifications (under Pref context) has been fixed.
Errors during creation or update are now routed back to the correct contexts.
2007-08-06 Dirk Frederickx (dirk.frederickx@gmail.com)
* 2.5.114 - Few IE fixes
* Some annoying IE layout issues fixed:
TAB layouts and positioning of User greeting & login & prefs.
There is still a major bug on the positioning of the popup menu's
in IE which makes the More menu and Navigation menu's not usable.
Ongoing.
* Checkboxes for Tab-completion and Smart-typing-pairs are not
functional in IE, so now they are hidden in that browser. (BUG 103)
* Added the LoginHelp page.
* Ensure xhtml compliance when suppressing the PageActionsTop
in 'login' and 'prefs' context
2007-08-04 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.5.113
* Added "localheader.jsp", which is included from commonheader.jsp.
The idea is that it is an "empty" header file which can be safely
overridden in your local template without having to change
commonheader.jsp
* Updated Finnish localization.
2007-08-05 Dirk Frederickx (dirk.frederickx@gmail.com)
* 2.5.112 - Login/LostPassword/Register user fixes
* Fixed 'show-all' search results in Find. Only display of blocks of 20 was working.
* Renamed the css class 'editpage' to 'createpage'
because that's actually what it is. (BUG 55)
* Login/LostPassword/Register jsp's clean up and bugfixes:
Handling of Lost/Reset Password is now properly covered by template jsps. (BUG 38)
Still todo: the handling of Create/Modify User Profile (part of UserPreference and Login flow)
need to be refactored. When creating a new user profile in the Login screens, the error handling
get's processed by UserPrefs. Confusing.
Some i18n resources where shifted to the right CoreResources or templates.default bundle.
(this still needs to be done for all language specific resource files !!)
# Login.jsp (moved from template.default to CoreResources)
login.error.capslock=Invalid login (please check your Caps Lock key)
login.error.password=Not a valid login.
login.error.noaccess=It seems you don't have access to that. Sorry.
# moved from CoreResources to template.default (NOTE: lostpwd changed to lostpw !)
login.lostpw.reset.clickhere=Click here
login.lostpw.reset.login={0} to log in once you retrieve your new password.
* PageActionsTop.jsp was updated to hide the More menu from 'non-page' related contexts.
The More menu will only be shown in view, edit, comment, diff, info, preview, upload & find
* The SearchPageHelp was extended with some Lucene hints.
2007-08-04 Janne Jalkanen <jalkanen@ecyrd.com>
* Updated Finnish localization.
2007-08-05 Juan Pablo Santos <juanpablo.santos@gmail.com>
* i18nized some JSPs with hard-coded text. New localizable strings:
- GroupTab.jsp (default.properties)
grp.createdon
grp.lastmodified
grp.groupnames.title
grp.newgroupname
grp.savegroup
grp.savenewgroup
grp.cancel
grp.deletegroup
grp.deletegroup.confirm
grp.formhelp
grp.allgroups
(grp.by removed due to proper use of MessageFormat)
- NewGroupContent.jsp (default.properties)
newgroup.creategroup
- PreferencesContent.jsp (ProfileTab.jsp, default.properties)
prefs.roles
prefs.groups
prefs.creationdate
prefs.profile.lastmodified
- UserProfileTag (coreresources.properties)
userprofile.nogroups
userprofile.noroles
* Updated spanish (es_ES) translation.
2007-08-04 Dirk Frederickx (dirk.frederickx@gmail.com)
* 2.5.111
* Closing final final XHTML compliancy issues (Closing BUG 9)
* More menu is now extendable (BUG 20)
A new page called 'MoreMenu' can now be used to extend the More menu
with extra stuff, such a links to Recent Changes, Page Index,
System Info, About, Site Map, etc. The behaviour is similar as for the LeftMenu.
It is only functional when JS is turned on in your browser.
Otherwise the more menu is an ordinary dropdown.
* Fixed Favorites position (left/right) in Edit and Upload view
* Removed font resizing stuff. No real add value. (and not working in IE anyway)
2007-08-04 Janne Jalkanen <jalkanen@ecyrd.com>
* "ant war" now compresses jspwiki-edit.js, jspwiki-common.js
and jspwiki-prefs.js using the Rhino library. This should bring
in considerable savings to bandwidth and response.
2007-08-03 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.5.110
* Added patch from Murray to provide property cascading from
system properties.
* Added patch from Murray to provide setting of AclManager
(use jspwiki.aclManager=<class>).
2007-07-30 Dirk Frederickx (dirk.frederickx@gmail.com)
* 2.5.109 - internal cleanup of JSP's, few bugfixes (one for IE)
* Added new <wiki:SetPagination> Tag to get rid of java hacking
in InfoContent.jsp and AJAXSearch.jsp. Fixed a few bugs on pagination
as well. Now pagination does show up properly at version=20.
(reported by Milt Taylor)
* New marker defined 'jslocalizedstrings' to cleanup commonheader.jsp.
Some refinement is still needed, but it works for now.
* Fixed IE crash in jspwiki-edit.js causing edit toolbars not to be
rendered. (as reported by Milt Taylor)
* Bugfix: Attachment upload was not working anymore (introduced in 2.5.107)
2007-07-30 Dirk Frederickx (dirk.frederickx@gmail.com)
* 2.5.108 - template changes & usability
* The 'Edit' button is now back in its previous position. (after recent popularity poll ;-)
The 'More' button now has a little down-icon as visual clue that it's actually a dropdown.
The GoTo-Bottom triangle has been removed (reduce screen clutter, not used much anyway)
The GoTo-Top button is still there.
The 'Login', 'Logout' and 'My prefs' are put below Greeting, which is more natural.
(with still 2 different approachs in the default and Smart skin)
* New preference added to select Left/Rigth position the Favoristes menu.
The position of the 'More' menu and 'Find/Recentchanges' dropdowns is now calculated on the fly.
prefs.user.orientation=Favorites style
prefs.user.orientation.left=Left
prefs.user.orientation.right=Left
* Smart and OrderedList skins are now aligned with latest GUI changes
* After setting new UserPreferences, you get now redirected back to the page you came from.
(similar to login)
* XHTML compliance improvements.
Border settings have been removed from img elements. (RecentChangesPlugin,
RSSCoffeeCupLinkTag, TranslatorReader)
Replace all <u> in default.properties by <span class="accesskey">
editor.plain.name=Your <span class='accesskey'>n</span>ame
editor.plain.email=Homepage or e<span class='accesskey'>m</span>ail
actions.edit=<span class='acceskey'>E</span>dit
actions.editparent=<span class='acceskey'>E</span>dit parent page
actions.prefs=My <span class='acceskey'>P</span>refs
actions.prefs.title=Manage user preferences [ p ]
* The attachment img viewers now alos supports capitalised extensions
(eg both jpg and JPG can be reviewed)
* Small refactorings on the Tabbed Sections. (simplified TabTag html)
All content inside a tab, also the floated content, will nicely fit inside the tab.
(ref bug 101)
2007-07-24 Juan Pablo Santos <juanpablo.santos@gmail.com>
* Updated spanish (es_ES) translation.
2007-07-24 Janne Jalkanen <jalkanen@ecyrd.com>
* Just updated Finnish translation and fixed some entity names
in English translation.
2007-07-23 Dirk Frederickx (dirk.frederickx@gmail.com)
* 2.5.107
* Many 'usability' improvements based on many many inputs from
Claudia, Murray, Alex and Janne. Hope you like them :-)
All screens now consistenty show 3 TABS (view, attach and info)
The Edit action has become a 'pseudo' TAB positioned right next
to the standard set of tabs, but visually different.
For the time being, Add-Comment remains hidden in the More dropdown
as it is less frequently used.
The More action has been visually adjusted as a kind of 'button'.
The Link tab and Diff tabs are incorporated in the Info screen as
collapsable boxes, and are only shown depending on the context.
This brings back all page info (links, version history) back under one
single place.
A new --USER-- bar is added with UserName, Login/Register, Prefs and Logout
actions. These actions are not anylonger in the top pageactions sections.
This USER bar is positioned at the top of the screen (PlainVanilla skin)
or in the Favorites sections (SMART skin)
The bottom page actions have been simplified to the max.
When clicking the 'goto TOP' triangle, you are just one click away
from all remaining actions and buttons. (this was the most easiest for now ;-)
Pending stuff: allow configurable 'quick-links' to be added next to and
inside the More... menu. Skins may not yet be up to date with all changes
- expect some glitches here and there.
* Added link to 'View source page' to the More menu. New i18n property:`
actions.rawpage=View Page Source
* Fixed the Diff dropdown selectors when no parameters (r1 and r2) are provided.
* Editor/Posteditor improvements:
Checkboxes were added to turn on/off the Tab Completion and
Smart TypingPairs. Your settings are cookie-fied.
Some new i18n keywords added:
editor.plain.smartpairs= Smart Typing Pairs
editor.plain.smartpairs.title= Auto pairing of () [] {} "" ''
editor.plain.tabcompletion=Tab Completion (keyword+Tab)
editor.plain.tabcompletion.title=Auto expansion of keyword to Wiki Markup
All posteditor functions are now also undo-able.
The Posteditor now correctly handles Shift+right-arrow in Firefox. (Bug 91)
* Fixed Bug 86 Commentbox and Tabbedsection not playing well (reported by Alex Samad)
2007-07-20 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.5.106
* Fixes an XSS vulnerability with evilly formed links.
Reported by Igor Minar.
2007-07-18 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.105
* AdminUI has now rudimentary user management - it's now
possible to add, change and remove user accounts using the adminUI.
AdminUI is reachable through admin/Admin.jsp.
2007-07-18 Dirk Frederickx (dirk.frederickx@gmail.com)
* 2.5.104
* The "Home" link now get's the actual name of the home/front page
(suggested by Claudua Frers)
Remove the key='actions.home' from i18n properties
* Fixed floating issue between TabbedSections and CommentBoxes inside pages.
(reported by Alex Samad)
* More xhtml fixes on PreferncesTab and default.properties.
2007-07-18 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.103
* [Bug 21]: Turned out to be a problem of self-referencing
pages.
* [Bug 85]: Added an extra check for this case. It still throws
an exception, but at least it's a lot more useful to debug.
* [Bug 25]: Was related to Bug 21. Added test cases and fixed.
* Added IfPlugin; thanks to Scott A. Bybee who explained to me
how useful conditional wikitext can be.
* [Bug 87]: Login process now returns you to the same page
where you chose to login.
2007-07-17 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* Updated Finnish localization.
2007-07-17 Dirk Frederickx (dirk.frederickx@gmail.com)
* No version bump -- some small fixes only.
* Few small IE6 tweaks: position of actionmenu popup,
position of triangle icons for top and bottom link
* Remaining xhtml issues (empty <td/> are not allowed) (BUG 9)
All pages of xhtml compliant, excpet UserPreferences.
2007-07-17 Christoph Sauer (sauer@hs-heilbronn.de)
* 2.5.102
* Bug 13 fixed. Chuck found that by using WikiWizard 1.1.1 instead of 1.1,
it would load properly. However, it would not import the text with JavaScript
due to a new security mechanism built into Mac OS X. To remedy this problem,
we added scriptable="true" to the applet tag and it should work now.
* Added missing german localisations. Added a class called MissingTranslations
that helps diff the ressource property files. Adapt it to your localisation
and run it directly in your IDE.
2007-07-14 Dirk Frederickx (dirk.frederickx@gmail.com)
* 2.5.101
* Few more xhtml issues resolved.
* Default Template is now fixed for IE6.
* Edit Assist toolbar tips localized.
New localisable items, since v2.5.100
editor.plain.posteditor=Enter Keyword+Tab:
editor.plain.posteditor.title=shift+enter for next next field
editor.plain.editassist=Edit Assist
editor.plain.editassist.title=Toggle Edit Assist buttons
editor.plain.tbLink.title=link - Insert wiki link
editor.plain.tbH1.title=h1 - Insert heading1
editor.plain.tbH2.title=h2 - Insert heading2
editor.plain.tbH3.title=h3 - Insert heading3
editor.plain.tbHR.title=hr - Insert horizontal ruler
editor.plain.tbBR.title=br - Insert line break
editor.plain.tbPRE.title=pre - Insert preformatted block
editor.plain.tbDL.title=dl - Insert definition list
editor.plain.tbB.title=bold
editor.plain.tbI.title=italiceditor.plain.tbMONO.title=mono - monospace
editor.plain.tbSUP.title=sup - superscript
editor.plain.tbSUB.title=sub - subscript
editor.plain.tbSTRIKE.title=strike - strikethrough
editor.plain.tbTOC.title=toc - Insert table of contents
editor.plain.tbTAB.title=tab - Insert tabbed section
editor.plain.tbTABLE.title=table - Insert table
editor.plain.tbIMG.title=img - Insert image
editor.plain.tbCODE.title=code - Insert code block
editor.plain.tbQUOTE.title=quote - Insert quoted block
editor.plain.tbSIGN.title=sign - Insert your signature
2007-07-14 Dirk Frederickx (dirk.frederickx@gmail.com)
* 2.5.100
* Finalising xhtml fixes. I hope to close (BUG 9) really soon now.
* The Frontpage variable can not be use cause it is not always set.
Falling back to engine.getFrontPage() (BUG 82)
* The Edit Assist and the resize bar are now also availble in the Add Comment page
* The Edit Assist buttons have been improved. Pressing a button will replace the selected
text properly, instead of just overwriting it. (EG, select a word and press the BOLD button
to replace theword by __word__) Also the handling of newline has been improved as
some markup should always appear at the start of a new line. (EG, headers, tables, ...)
(ref also BUG 83)
* Experimental, but looks promising ;-) When JSPWiki rendered on a narrow screen, (eg 200x320px)
page-tabs were overlapping with page-actions, and not usable anymore.
Now, the tabs nicely shift below the page-actions when the screen is very small.
This will help JSPWiki to be usable on mobile divices such as S60 or iPhone. (BUG 80)
As always:: please test this on IE browsers and feedback. Testing was done FF, Safari, Opera and Camino ok.
* The Smart and OrderList skin have now aligned with latest pageactions changes
2007-07-14 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.99
* [Bug 77]: We were starting two FilterManagers - apps were
registering to the other one, and events were fired with the
other one... Heh.
* Startup now outputs a lot more useful info about the environment
(enabled by setting WikiEngine to DEBUG).
* WebSphere Community Edition (WSCE 1.0) was crashing at startup,
due to AuthenticationManager.hasCookieAuthentication() assuming
non-null JAAS lists.
* TestHttpServletRequest now returns a sane locale (so that no
NPE's occur anymore in tests).
* Updated Finnish localization up-to-date.
2007-07-14 Juan Pablo Santos <juanpablo.santos@gmail.com>
* Checked in spanish (es_ES) translation.
* Added localization for validateNotNull at InputValidator, one new
localizable string in CoreResources:
- validate.cantbenull
2007-07-13 Christoph Sauer <sauer@hs-heilbronn.de>
* checked in missing /com/ecyrd/jspwiki/plugin/PluginResources
german translation. [Bug 74] closed.
2007-07-12 Christoph Sauer <sauer@hs-heilbronn.de>
* 2.5.98
* Added jspwiki.basicAttachmentProvider.disableCache property. It takes
a regex that let you define for which filename patterns to disable the
browser cache. See more on this in the jspwiki.properties.tmpl comment
* Fixed Bug in CreolePageFilter: Two tables seperated by a blank line
where rendered as one table
* Checked in German localisation for CoreResources
2007-07-12 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.97
* Changed "validate.unsafechars" i18n pattern to fix a fatal
bug with it. Also deleted "validate.invalidid", since it's no
longer needed.
* Updated Finnish localization (fi).
2007-07-11 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.96
* Added a bunch of missing localizations, reported by Youheng Hu.
New localizable strings in CoreResources are:
- security.error.createprofilebeforelogin
- security.error.blankpassword
- security.error.passwordnomatch
- security.error.illegalfullname
- security.error.illegalloginname
- security.user.loginname
- security.user.fullname
- security.user.email
- validate.unsafechars
- validate.invalidemail
- validate.invalidid
* WikiSession gains getLocale() method, which provides a cached
locale object.
2007-07-10 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* [BUG 81] Added the _en resource bundles to the JAR build by copying
the default bundles in build.xml. No bump, no functionality change.
2007-07-09 Dirk Frederickx (dirk.frederickx@gmail.com)
* 2.5.95
* Stabilising 2.5.94.
* Remove editor type selector from CommentContent.jsp
* Bugfix on tab switching in the Login and UserPreferences pages
* Bugfix: the SIGN shortcut was not working in Edit Assist
* Bugfix: typo in commonheader.jsp caused jspwiki-edit.js to be loaded twice
* Bugfix: z-index adjusted for More.. menu to satisfy IE editors.
* Fixed remaining xhtml issues. (BUG 9)
2007-07-08 Dirk Frederickx (dirk.frederickx@gmail.com)
* 2.5.94
* Cookie handling has been refactored. JSPWikiUserPrefs is now JSON based.
Also the height of the edit textarea is 'cookiefied', so jspwiki remembers
your prefered height of the editor area. (BUG 67)
The RecentSearches memory has been added to the JSPWikiUserPrefs and doesn't require
an additional cookie. (less cookie dirt)
* Replace all hardcoded references to 'Main' by 'wiki.frontPage' (BUG 42)
* Improved the loading of additional Javascript chunks. jspwiki-edit.js is now
only loaded with plain.jsp, so no more interference with WikiWizard (BUG 78)
* Major refactoring of the 'More...' dropdown menu. It now perfectly runs on Firefox,
Opera, Camina, Safari and (i hope ;-) on IE. Plse test test test on IE6 and IE7 and report
bugs. The new menu is also XHTML compliant.
Many improvements have been done on the remaining XHTML compliancy issues.
* The Editor type selector is now moved to the UserPreferences page, instead of the
Edit.jsp. Changing the editor type during an edit session was dangerous,
as changes to the page are not saved. Now you can set your preferred editor in MyPrefs.
* The editor textarea has been boosted with Posteditor
(see http://icebeat.bitacoras.com/mootools/posteditor/ for a demo)
The textarea now supports the TAB key, smart 'typing pairs' (suchs as () [] {} )
and has some fancy tab-completion of commonly used commands.
Try entering toc+TAB to see the effect.
The PostEditor is only functional on non-IE browsers, and if Javascript is on.
* The Editor assist toolbar provides a set of buttons to assist newbies in entering
wiki markup. Supports both non-IE as IE, only if Javascript is on.
2007-07-06 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.93
* RESOURCE_HTTPHEADER didn't work if adding dates.
* AdminBeanManager is now a bit more robust if a bean is already
registered. Thanks to Alex Samad for the patch.
2007-07-04 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.92
* DiffProviders are now localized. Unfortunately, this meant an API
change, so WikiEngine.makeDiff() now takes a WikiContext as a parameter.
I don't think many people were using it, though, so it's not a major
issue.
* New localizations in CoreResources-bundle:
- diff.traditional.added
- diff.traditional.changed
- diff.traditional.removed
- diff.traditional.oneline
- diff.traditional.lines
2007-07-03 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.91
* There have been loads and loads of fixes to Checkstyle warnings.
* Added RESOURE_HTTPHEADER from Alex Samad. Thanks!
2007-06-30 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.90
* [Bug 71]: Login.jsp is now localized. All localizers, please
note that there are three new strings to localize in
"templates.default" -bundle:
- login.error.capslock
- login.error.password
- login.error.noaccess
* In addition, there are further localization done in top-level
JSPs. New strings in CoreResources are:
- security.error.noaccess.logged
- security.error.noaccess
- security.error.wrongip
- rename.empty
- rename.error.title
- rename.error.reason
- rename.identical
- rename.exists
- rename.unknownerror
- lostpwd.newpassword.email
- lostpwd.newpassword.subject
- lostpwd.nouser
- lostpwd.nomail
- lostpwd.emailed
- lostpwd.reset.title
- lostpwd.reset.clickhere
- lostpwd.reset.login
- lostpwd.reset.unable
- lostpwd.reset.blurb
- lostpwd.reset.submit
* Updated English and Finnish localizations (and fixed a couple of
sillinesses in the Finnish localization)
2007-06-23 Dirk Frederickx (dirk.frederickx@gmail.com)
* 2.5.89
* Cookie handling has been refactored. JSPWikiUserPrefs is now JSON based.
Also the height of the edit textarea is 'cookiefied', so jspwiki remembers
your prefered height of the editor area. (BUG 67)
* Fixed handling of form focus() logic. JSPWiki now correctly puts the focus
on the first visible form element. This also resolves a JS crash on IE.
* Some improvement on XHTML compliance (BUG 9) Still some refactoring
needed on dropdown menu to improve compliance.
* Added UTF8 support to AJAXSearch.jsp
2007-06-18 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.88
* [Bug 24]: BugReportHandler no longer talks about "bug
reports", but pages. Reported by Gregor Hagedorn.
2007-06-16 Dirk Frederickx (dirk.frederickx@gmail.com)
* 2.5.87
* BUG 62 resolved: no sensitve info in LeftMenu during Login.
* Fix some SkinName issue relate to the new preferences object.
* BUG 52 resolved: Diff.jsp and PageInfo.jsp should not be indexed
* TextArea resize bar image.
2007-06-16 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.86
* [Bug 29], search path is now trim()med properly. Thanks
to David Au.
* A couple of fixes to warnings courtesy of Alex Samad.
* [Bug 12], AM/PM are now correct in preferences.
* Created new Preferences object, and refactored some old
preferences code from commonheader.jsp into it. This also
means that instead of using ${prefTimeZone} you would use
${prefs["TimeZone"]} in your variables. This is far more
extensible and future-proof than before. The HttpSession
now gets a Preferences object under the name "prefs". There
are also some utility methods in the Preferences class which
abstract this away. (It's also a lot faster because we do
not parse the cookie every single time.)
* [Bug 63]: The default eclipse coding style file now
has .xml suffix.
* Checkstyle config under doc/eclipse also now gains a .xml
suffix.
2007-06-14 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.85
* Bug fix: Bug 58, BreadcrumbsTag.java does not compile under JDK 6
2007-06-13 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.84
* Bug fix: Bug 8, Multiple spaces in page names are not cleaned
2007-06-11 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* Added Finnish localization. No version bump, as there
is no functionality change.
2007-06-11 Dirk Frederickx (dirk.frederickx@gmail.com)
* 2.5.83
* Fixed blocking IE javascript bug.
2007-06-11 Christoph Sauer (sauer@hs-heilbronn.de)
* 2.5.82
* Added German localisation.
* Added missing i18n tags in PageInfo and UserPreferences
2007-06-10 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.81
* Fixed a couple of localization issues (diff tab
was not localized properly).
2007-06-09 Dirk Frederickx (dirk.frederickx@gmail.com)
* Several XHTML STRICT compliance issues fixed.
2007-06-09 Dirk Frederickx (dirk.frederickx@gmail.com)
* 2.5.80
* Refactoring of SubmitOnce functionality, such that is doesn't harm
when javascript is off. Wiki.SubmitOnce() prevents you from pressing
submit buttons multiple times.
Editing is now possible (and login etc.) while javascript is off.
(ref. http://bugs.jspwiki.org/show_bug.cgi?id=3)
* Added experimental GroupTab.
* Info tab added to Upload.jsp
* Minor missing i18n fixed. Small css fixes
2007-06-09 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.79
* Fixed minor issue with default template saying "go" instead
of "find".
* First alpha release of JSPWiki 2.6.
2007-06-09 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.5.78
* Even more little fixes to remove Checkstyle issues.
2007-06-09 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.77
* Refactored EditorIteratorTag; Added editor changes
to the UserPreferences.
2007-06-09 Dirk Frederickx (dirk.frederickx@gmail.com)
* Info tab is back, now making use of the new tab url parameter.
* Stylesheets of the Smart and OrderedList skins have been refactored.
* Submit of the quick Navigation menu now defaults back to the
advanced Search page. The same applies to clicking the looking-glass icon.
* Upgraded to mootools v1.11
2007-06-05 Christoph Sauer (sauer@hs-heilbronn.de)
* 2.5.76
* JSPWiki now supports WikiCreole 1.0:
Checked in CreoleToJSPWiki renderer plus CreolePageFilter.
This will allow users to operate JSPWiki in WikiCreole mixed mode.
see http://www.wikicreole.org for more infos about WikiCreole.
2007-06-03 Dirk Frederickx (dirk.frederickx@gmail.com)
* Same version
* Progress bar fixed to run on Safari or Opera as well.
It uses now css style visibility:hidden iso display:none.
* Minor css fixes.
2007-06-04 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.75
* JSON interface now actually checks whether the user has
permission to call the methods. This was a relatively major
security hole... :-)
* Performance optimization to JSONSearch.
2007-06-03 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.74
* Remaining patches from David to FCK editor support.
2007-06-03 Dirk Frederickx (dirk.frederickx@gmail.com)
* 2.5.73
* In-page Upload Progress Bar has been added based on jsonrpc backend.
(i'm not yet 100% sure on the cross browser compatibility - can anybody
check this on ie win ?) This replaces the Progress.Popup jsp.
* Cookie handling fixed. Bug caused text-area size to be mixed up
with font size.
* New sort-icons added. Sortable tables have a better visibility now.
2007-06-02 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.72
* D'oh, David's patch didn't make it completely to CVS. Now
it should be there.
2007-06-01 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.71
* Added UserManager.JSONUserModule
* Fixed Admin.jsp such that it can no longer be invoked
accidentally (don't expect it to be available in initial alphas).
Turn on "jspwiki-x.adminui.enable=true" to see how it works.
* Added initial, non-functional user management tab in Admin.jsp.
* Added new AjaxWiki object to jspwiki-common.js to simplify AJAX
calls (mootools is nice, but their AJAX API is insanely complex).
* Added Murray's patch to enable event monitoring.
* Added David Au's patch to fix remaining issues in FCK integration.
* fckconfig.js: Disabled 'Insert Flash' button.
* FCK.jsp: Fixed issue where image attachments would not be displayed
when accessing JSPWiki via https.
* PluginContent.java: Fixed issue where plugin error messages were
appearing in FCK's editor area.
* WysiwygEditingRenderer.java: Fixed issue where pagenames were
appearing in their URL-encoded format in the href.
* XHtmlElementToWikiTranslator.java: Beautify the generated wiki markup
by printing a newline character after a linebreak. Fixed issue when
generating wiki links with spaces in the pagename. Don't print a
extraneous space after a link or an image anymore.
* WysiwygEditingRendererTest.java: Added tests for pagenames with
spaces.
* HtmlStringToWikiTranslatorTest.java: Fixed several unit tests broken
by this latest set of changes.
2007-05-30 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.5.70
* Many, many little fixes to remove Checkstyle issues.
* Removed the two-argument constructor from GroupPrincipal
and its associated "wiki" field. This interacted in a
very subtle way with LocalPolicy to prevent GroupPrincipal
privilege grants from being processed correctly. We
concluded that this "feature", while intended to be used
with multi-wiki environments, was fatally broken from the
start. This change is purely "under the covers" and users will
not notice the difference or need to do anything special.
* Minor tweaks to SessionMonitor and AuthorizationManager
that should slightly reduce memory leak potential.
* Introduced a new exception called DecisionRequiredException
that denotes when an operation cannot complete because
a person must make a decision. It is thrown by WikiEngine.saveText()
and UserManager.setProfile().
2007-05-29 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.69
* Renamed TEST plugin as Test to be more in line with
Java class naming conventions. Updated jspwiki_module.xml
to still use TEST as an alias.
* Tiny tweaks to some tests, who should now tell you
what to do if they cannot connect to a database.
2007-05-29 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.5.68
* Fixed a bug in the Ant script that were causing tests
to refuse to run sometimes because of an (erroneous)
Hypersonic error.
* As of this build, we have eliminated the need to sign
JSPWiki JARs for 95% of most users' deployments. The only
case where you need to sign them, now, is when you wish
to create a JVM-wide, consolidated security policy. We have
retained an Ant target "signjar" for that purpose. If you
are upgrading from an earlier version of JSPWiki and are
using a customized policy, however, you MUST MUST MUST
remove any "signedBy jspwiki" and "keystore" references,
otherwise JSPWiki might act odd.
* The container-specific/JVM-wide parts of the Java
security policy have been moved to a new file,
etc/jspwiki-container.policy. This is NOT bundled into
the WAR because it isn't needed there in any event...
2007-05-28 Dirk Frederickx (dirk.frederickx@gmail.com)
* SMART skin updated. Few bugfixes
2007-05-27 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.67
* WeblogPlugin now considers ACLs - if the user does not have
view permission on an entry, it's ignored on display. Also
refactored the WeblogPlugin slightly to be more legible.
* 2.5.66
* Added "url" parameter to TabTag to allow for Javascript-less
tabs.
* Removed WikiEventManager.WikiEventDelegate.m_client field, as
it was not used anywhere.
* UploadTemplate.jsp now uses the "url" parameter so that it's not
possible to get broken URLs anymore (i.e. it looks just like a regular
page view, but the URL says "Upload.jsp"). This would be pretty
confusing to an user if you sent the wrong URL in email, and the
recipient didn't e.g. have access to Upload.jsp, but did to Wiki.jsp...
* Added doc/eclipse/jspwiki-checkstyle Checkstyle Eclipse preferences.
* Added patch from Juan Pablo Santos Rodriques to add i18n targets
to build.xml.
2007-05-26 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.5.65
* Lots of little fixes for bugs FindBugs found.
2007-05-26 Dirk Frederickx (dirk.frederickx@gmail.com)
* 2.5.64 - 4th Brushed Template commit (still more to come)
* Font size fixed. Various css enhancements. Skins not yet finished.
* Enhanced Find page, including search scope (author, pagename, attachement),
and on/off checkbox for find details. Find page is now ajax driven, but also
functions properly when javascript is off.
* Edit textarea is resizeable, with a cool drag effect.
* GoToBottom and GoToTop links have icons instead of >> and <<
* Refactoring of Collapse and CollapseBox. New icons (+ and -) are being used.
* Bugfixes on Tips JSPWiki style
* Test Plugin added, to enhance use of JSPWiki variables.
EG you can now use [{TEST name="context" match="edit" ...some body... }]
for specific content in your leftmenu.
More info at http://www.jspwiki.org/wiki/BrushedConditionalPlugin
2007-05-25 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.63
* Fixed a couple of typos in default template (thanks to Frank Fischer).
* Fixed a couple of typos in code (thanks to Murray Altheim).
* Fixed HTML editor crashing when editing (thanks to David Au).
2007-05-22 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.62
* Added CookieAuthenticationLoginModule. This module stores
an UID in the user's browser, and automatically logs the user
in, if the cookie exists. This can be a security hazard, so
it is a good idea to disable it in jspwiki.jaas, if you are
worried about local users being able to spoof identities.
For this reason, it's by default disabled in jspwiki.jaas
* Modified LoginContent.jsp to contain "Remember me?" checkbox.
2007-05-20 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.5.61
* Fixed the last of the failing JWebUnit tests. Also added a new one
that verifies that profile renaming operations correctly re-set group
memberships and page ACLs.
2007-05-20 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.60
* New, improved SpamFilter with Captcha recognition, if we
suspect you to be a spammer. Captcha system is currently based
on Microsoft Research's Asirra, though we will probably want
to make it pluggable. I have to admit that this required
far too much surgery in Edit.jsp to be nothing but a hack,
but I have to get it off my hard drive. In addition,
commenting does not work, if spam is detected.
2007-05-19 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.59
* Again, a number of CheckStyle issues fixed.
* Switched to new HttpMultipartRequest library (2.00b9)
* Added upload progress bar. Unfortunately, it's still kinda
kludgy, but we'll try to fix it. The backend stuff works; it's just
the UI which looks like a brick of legos built by a two-year old.
* New package: com.ecyrd.jspwiki.ui.progress, which manages different
kinds of progress systems.
2007-05-14 Dirk Frederickx (dirk.frederickx@gmail.com)
* i18n default.properties included, inline with last BrushedTemplate commit
2007-05-11 Dirk Frederickx (dirk.frederickx@gmail.com)
* 2.5.58 - 3nd Brushed Template commit (still more to come)
* Quick Navigation box has been refactored and now uses the new RPC-JSON in the backend.
Search icon added.
* Update of all Editors, including FCK and WikiWizard. (i18n alignment)
you can now also use wysiwyg editors in the Comment.jsp. There is still a
widht/heigh bug in the combination WikiWizard & FireFox (visible in Comment.jsp)
* Font-size is based on the default browser settings. For FF this is pretty large.
You can now adjust the font-size in the UserPreferences.
* Many bugfixes: e.g cookie handling.
2007-05-13 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* Installed "FindBugs" and "Checkstyle", and found about 1500
problems. This update fixes a number of minor code style issues.
No functionality changes, therefore no revision bump.
2007-05-11 Dirk Frederickx (dirk.frederickx@gmail.com)
* 2.5.57 - 2nd Brushed Template commit (more to come)
* Remove Info tab from all screens, as it causes overload on the wiki server,
but also to avoid confusion when similar screens are served from different URLs.
The info page has back it own existence, with small optimalisations.
* Mootools library upgraded to v1.1, just released
* Added code prettifier from Google. (use %%prettify around code blocks)
* Several smaller refactorings on jsp's and i18n default.properties
The new more-info menu gets replaced by dropdown when browser has javascript on.
* Bugfix on numberformat reported by Frank Fisher.
See http://www.jspwiki.org/wiki/BugAttachmentAndInfoTabsAreBlank
2007-05-08 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.56
* Tiny refactorings all over the place; removing unnecessary
imports, renaming fields, removing compiler warnings,
that sort of stuff.
* Removed jmxri.jar and jmxtools.jar from the distro - since
we require 1.5 anyway to compile, there's not much point in
putting them in here. Most J2EE containers already ship
with a JMX implementation anyway.
2007-05-08 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.55
* Tiny optimization for PageManager, improving the performance
for pageExists(String,int), if CachingProvider is in use.
This should help considerably in listing page histories.
2007-05-07 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.54
* Several performance optimizations, including:
* Added PermissionFactory, which caches the permissions using
a WeakHashMap. Creation of PagePermissions is relatively expensive
due to permissions parsing, so this should help a lot. All routines
should be using the PermissionFactory.getPagePermission(), if possible.
* Refactored AbstractCommand constructor so that it no longer uses
String.replaceAll(), which is a very expensive operation due to
regular expressions. It's still expensive, but the biggest pain
point is now resolved.
* InfoTab just lists ReferringPages one deep - three-level deep nesting
ended up using something like 30% of all CPU power on a moderately
link-heavy page.
* Bug fix: if the user updated his account (e.g. by requesting a new
password) AND his account was created in the old days when
XMLUserDatabase was using platform default formatting for dates,
the dates were in different formats, causing XMLUserDatabase to
behave irrationally.
* ReferredPagesPlugin now allocates a bigger buffer for creating
html to avoid allocation overhead. Ditto for TabbedSectionTag.
2007-05-06 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.5.53
* Changed the behavior of the UserDatabase and GroupDatabase classes
so that the save/delete methods are atomic. Consequently, the
commit() methods in these classes are deprecated and will be removed
in a future release. The reason for this change is simple: the
commit() methods made no sense and were never *not* used. Also, added
a new method, rename(), that permits renaming of profile login names.
References to commit() were removed from all classes, including
test classes.
* Recently added status flags for UserCheckTag were moved to
UserProfileTag and renamed. The new property values are
"canChangePassword" and "canChangeLoginName" and are used in
ProfileTab.jsp to selectively display input fields. These
properties also allow negation too (e.g., !canChangePassword).
* UserManager receives final tweaks to allow profile renaming.
Modified ProfileTab.jsp slightly to accommodate this new feature.
* Minor de-stringification and anal-retentive i18n tweaks.
* Fixed several failing web unit tests. A few still fail, though.
2007-05-05 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.52
* Fixed TemplateManager.listSkins() so that it returns only
directories, not everything.
* Added SearchManager.JSONSearch.findPages(), though be warned that
it can be really slow. An API change to SearchProvider needs to be
done before this can be fixed.
* Reformatted ChangeLog to word wrap at column 80 to make it more
readable...
* A major commit of new Admin.jsp and AdminTemplate.jsp and all the
related paraphernalia. It's not yet complete, but the framework is
getting there. Due to the use of JMX, JSPWiki now requires JDK 1.5
to compile (though it should happily continue to run under 1.4 as
well).
2007-05-03 Dirk Frederickx (dirk.frederickx@gmail.com)
* 2.5.51 - Brushed Template incorporated.
* Bulk commit of Brushed Template. Expect things to be broken :-)
JSPWiki now has a tabbed-user interface, skins, slimbox attach-viewer,
improved jspwiki-styles suchs as table-filters, accordions, tips,
etc. etc... Look 'n feel is still very ikea like. Read the
jspwiki.css to change color scheme. Additional menu items are now
visible via a "More...." dropdown.
* Javascript is based on the mootools library.
* Many JSPs are now driven by JSTL's EL. Not yet 100% completed.
* Only plain editor has been updated. No work done yet on WikiWizard,
FCK
* The JSPWiki template has been tested on safari and FF.
Feedback on IE 6.x and 7.x. is appreciated.
* RecentChanges plugin now sets colspan correctly. (formatting of
recent changes page)
* Two skins added: Smart and OrderedList. These skins are not yet
tested 100%.
2007-05-01 Andrew Jaquith <andrew AT freshcookies DOT org>
* Enhancement: checked in back-end code that removes the restriction
on changing login names and user names ("full names") after
registration. To do this, UserManager emits a new WikiSecurityEvent
called PROFILE_NAME_CHANGED that signals when the login name or user
name changes. PageManager and GroupManager listen for this event,
and will make all appropriate changes to page ACLs and groups that
contain the old user name(s). The front-end changes (JSP tweaks)
are nearly finished and will be checked in shortly.
* Added a new method for AclManager, setPermissions(), that persists
Acls. The DefaultAclManager (which extracts Acls from wiki page markup)
implements setPermissions() by injecting the [{ALLOW ....}] markup
into the wiki page.
* Synchronized thread-sensitive methods in the AclImpl/AclEntryImpl
class.
2007-04-28 Andrew Jaquith <andrew AT freshcookies DOT org>
* Enhancement: user profile JSPs no longer request a distinct wiki
name when a user registers. The wiki name is now computed automtically;
it is the user name without any whitespace. This change should make
registration even easier. In the various user manager/database
classes, UserProfile/DefaultUserProfile.setWikiName() is hereby
deprecated and will be removed in a future release. However,
getWikiName() remains, as does the UserDatabase method findByWikiName().
The UserDatabase classes do not change their public APIs, and they
still persist WikiNames so that they can be searched. However, when
UserManager loads a profile from the UserDatabase, it always re-computes
the wiki name.
* Tweaked i18n resource file to remove references to "wiki names" in
favor of just plain old "names." Typographically correct curly quotes
were substituted wherever needed.
2007-04-23 Christoph Sauer <sauer AT hs-heilbronn DOT de>
* 2.5.48 - Bugfix
* Bugfix: NullPointer Exception on initReferenceManager, reason
was that it indirectly uses the filterManager -> m_filterManager
has to be initialized before.
2007-04-23 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.5.47 aka the JavaMail refactoring release
* Enhancement: To increase security, MailUtil gains the ability to use
container-managed JNDI JavaMail session factories, in addition to the
standalone factory configured via jspwiki.properties. JNDI is now the
preferred method of obtaining mail sessions, and will always be attempted
first before falling back to the stand-alone method. See the JavaDocs
for MailUtil. All of MailUtil's internal code, test properties
and JavaDocs were also totally refactored. A sample JNDI block for JavaMail
was added to web.xml; it is commented out by default.
* Enhancement LostPassword.jsp now uses POST for form submission.
* Enhancement: Profile registrations now automatically trigger an
e-mail confirmation to the user, if an e-mail address was supplied.
* Bug fix: page-save workflow does no longer sends rejection SimpleNotifications
to users unless they have already authenticated when they save the page.
Also, the submitter's authentication status is added as a Fact for the
approver to consider.
* WorkflowBuilder.buildApprovalWorkflow now interprets a null value for
the rejectedMessageKey parameter as meaning "don't send a notification"
upon rejection.
* MailTest moved to the *.util package, which was where it belonged.
2007-04-22 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.46 - my birthday release!
* PermissionTag now allows a list of permissions just like
CheckRequestContextTag, as well as negative permissions. Based
on an idea by Dirk Frederickx (whose last name I will learn to
spell one of these days).
2007-04-17 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.5.45
* Checked in workflow support for user profile creation. Now, new profiles
can be routed for approval before they become active. The name of the user,
role or group that approves new profiles is contained in jspwiki.properties
under the property jspwiki.approver.workflow.createUserProfile. If not
supplied (the default), user profiles are created without requiring approval.
* UserManager receives a proper unit test, at long last. We test with
approval workflows turned on and off.
* Minor bug fixes to the Fact and WorkflowBuilder classes.
2007-04-15 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.5.44
* Found the b*****d. VariableManager makes an unsafe assumption
that WikiContexts will always have an associated request and HttpSession.
This isn't always true with a WikiContext passed along in a Workflow,
which will come from an earlier point in, and from a potentiallly different,
Http session. We now check explictly for the presence of the HttpSession
before querying it for wiki variables.
2007-04-15 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.5.43
* Many incremental changes to the workflow package to increase
ease of use. A new WorkflowBuilder class includes a factory method
for composing simple approval workflows. SaveWikiPageWorkflow and
the workflow.impl package goes away, and instead the workflow code
for saving pages moves to inner classes in PageManager (it is now
much smaller because it uses WorkflowBuilder).
* Unit tests for the page-save workflow now simulate PageFilter failures
so that proper propagation of exceptions is verified. Should help Janne a lot.
* Workflow.jsp receives minor UI tweaks, notably the replacement of submit
buttons with a JavaScript-driven dropdown. The default.properties
localization file receives properties in preparation for the new user profile
workflow (not checked in yet, because it isn't debugged).
* The UI for approving workflows currently contains a nasty, intermittent NPE
that is resisting my best efforts to debug. It usually occurs when selecting
the 'approve' option. It results in Decisions being removed from the workflow
inbox, and the page does save correctly -- so it is essentially "cosmetic".
However, it's ugly and we need to fix it. Assistance is most welcome.
* If you are a US citizen, it is that time of year again. Many happy returns.
2007-04-09 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.5.42
* Modified the PagePermission implies() algorithm so that the "rename"
permission no longer implies "modify" (or "upload"). This will allow
separation of uploading attachments from page edit/rename actions.
Thanks to Tim Koop for the suggestion.
* Added WikiContext.MESSAGE to support workflows and other processes
that need to send a non-exception-related UI message in response
to user events. Also added a top-level Message.jsp and template.
Changed DisplayMessage.jsp slightly to use the <c:out> tag, which
gives us protection against cross-site scripting.
* Added 'throws WikiException' to all methods meant to be
implemented by workflow subclases: notably Step.start(),
Decision.decide(), Workflow.start()/restart(). Now, if these
methods encounter exceptions they will abort the workflow and
propagate the exceptions to callers.
* Many tiny little Javadoc fixes.
* Fixed failing PageRenamerTest.
2007-04-10 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.41
* Added David Au's new set of patches for WYSIWYG editing.
* WikiEngine.scanWikiLinks() no longer renders the page; it just
parses it. This should provide some speedup at startup.
* Changed the default template resource bundle from
webdocs/templates/DefaultResources.properties to
etc/i18n/templates/default.properties (more logical).
* Added class remapping ability. See etc/ini/classmappings.xml
and ClassUtil.java for further information. This is not yet a complete
feature, but it brings some simple AOP to JSPWiki.
* Javascript is now localized. The key-string mappings reside in
templates/<template>.properties; and the correct method to call is
"<key>".localize(args). Thanks to Dirk Frederickx for the help!
2007-04-09 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* Added a number of unit tests to AllTests runs; they were not being
properly included, so a number of them were not run during a regular
unit test run...
2007-04-09 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.5.40
* Fixed AuthorizationManager failure to add attachment
when jspwiki.security=off. [BugAddAttachmentFailsWithContainerAuthentication]
* Upgraded freshcookies-security lib to 0.54. This new version accepts
a user-supplied charset for parsing security policy files.
Previously, PolicyReader defaulted to the platform default encoding.
* AuthorizationManager, when it initializes, supplies the default
JSPWiki encoding to the updated freshcookies PolicyReader class.
Many thanks to Harry Metske for identifying the need for this, based on his
experiences using JSPWiki on a platform where EBCDIC is the default.
(Which is probably a mainframe; yegads.)
* Fixed bug that was causing Workflows to be added multiple times
to the "history" queue; this was caused by recent changes to the
WikiEventManager classes.
2007-04-02 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.39
* Fixed bug in SessionsPlugin which threw an Exception
at startup. Reported by Harry Metske.
* Greatly improved SpamFilter logging. There's a new SpamLog
which can be used to track all changes; accepts and rejects.
* SpamFilter no longer adds Akismet-rejections to the temporary
ban list. Akismet is non-deterministic, so it's kinda annoying
for users who just quite don't know why this is happening.
* Fixed also some dumb bugs in the way SpamFilter was
computing the delta.
2007-04-02 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.38
* Added Note plugin from John Volkar.
* Added PAGE_REQUESTED, PAGE_DELIVERED events fired by
WikiJSPFilter. Unfortunately, no such things are fired for
attachments. Note that attaching to these events is very noisy.
Thanks to Murray Altheim.
* Renamed TestHtmlStringToWikiTranslator to
HtmlStringToWikiTranslatorTest to conform to other tests.
2007-03-31 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.37
* Forward ported fixes from 2.4.102
* Fixes issue with a number of plugins failing due to wrong
initialization order.
* Moved everything pre-2.4.0 to OldChangeLog. Oh, the memories...
2007-03-29 Christoph Sauer <sauer AT hs-heilbronn DOT de>
* 2.5.36
* Moved FilterManager initialisation in the wiki engine to the bottom,
so that all object references to modules are already available to
a page filters initialize method. This is important to register
event listeners there.
* Added a destroy method to the PageFilter interface. Destroy is
called upon engine shutdown. You can use this to close global
resources that you opened in the PageFilters initialize method.
2007-03-26 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.35
* Refactored the XML-RPC implementation a bit to provide proper
authentication/authorization.
* Upgraded to Apache XML-RPC 2.0.1.
2007-03-24 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.34
* Added Mikkel Troest's patch to AttachmentServlet to fix issues
with uploading and file size.
* Added DynamicAttachments and their generation. You can now go
and build attachments which do not exist in the repository, but
are generated on-the-fly. See the attachments package and related
documentation.
* Bug fix: [open bugs] would not be recognized as wikipage OpenBug.
* Changed ETag generation to make it unique per page.
2007-03-19 Christoph Sauer <sauer AT hs-heilbronn DOT de>
* 2.5.33
* Changed signature of sendMail in MailUtil from using WikiContext
to use WikiEngine. WikiContext was not needed. This enables us
to use the mail util, even if no Wiki Context is available.
2007-03-19 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.32
* Fixed a bunch of Eclipse warnings; hopefully no functionality
changes.
* Fixed BugInlineImagesCaseSensitive - inline image lists are now
case insensitive (yay!). Thanks to Harry Metske.
* Fixed BugMultiWikiCreatesRSSFileInWrongPlace. Thanks to Harry Metske
again. Now, if the rssFile property is set to an absolute path, it is
used instead of a relative path to the wikiengine home. This allows you
to have separate paths for multi-wikis.
* Fixed BugReferringPagesPluginLinksNonExistingPages, thanks to
Candid Dauth.
* Implemented IdeaRemoveDuplicatesFromSessionsPlugin from Harry Metske.
2007-03-19 Christoph Sauer <sauer AT hs-heilbronn DOT de>
* 2.5.31
* Fixed Bug with LostPassword.jsp: If you set access priviledges for
a wiki completely private (even view) then you where not able to restore
the password since LostPassword.jsp required login.
2007-03-18 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.30
* Fixed BugReferenceToRenamedPageNotCleared
* Fixed BugTableHeaderNotXHMTLCompliant
* Fixed BugInitializablePluginNotInitialized
* API Change: The signature of PageFilter.initialize() now
also includes the WikiEngine. This was necessary, because otherwise
the initialize() -method was essentially useless for most use
cases.
* Added ParserStagePlugin interface. This allows a plugin to be
executed even during parsing of the wiki page, not until the render
stage.
* Added David Au's patches to get the FCK support back up to speed
again.
2007-03-17 Janne Jalkanen <Janne.Jalkanen@ecyrd.com>
* 2.5.29
* Forward ported fixes from 2.4.100.
2007-02-28 Christoph Sauer <sauer AT hs-heilbronn DOT de>
* 2.5.28
* Improved MailUtil: Added authentication support, so
that you can use mail servers that require an account
(the OpenRelay issue...). You now also can indicate
a different smtp port. Changed LostPassword.jsp accordingly.
2007-02-25 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.5.27
* Upgraded bundled log4j to 1.2.14; freshcookies-security to 0.51.
* Fixed 2 failing RPCHandlerTest tests by counting changes relative
to beginning of test, rather than absolute changes.
* Changed all JSP taglib declarations to use JSP 2.0-compatible tags.
Also upgraded jstl.jar and standard.jar to JSTL 1.1 versions. Note:
if you are a template developer, you should change your taglib
declarations as follows:
New:
<%@ taglib uri="http://java.sun.com/jsp/jstl/fmt" prefix="fmt" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
Old:
<%@ taglib uri="http://java.sun.com/jstl/fmt" prefix="fmt" %>
<%@ taglib uri="http://java.sun.com/jstl/core" prefix="c" %>
2007-02-24 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.5.26
* Major enhancement: replaced JSPWiki's dependency on the global,
JVM-wide security policy with a "local policy" that is always
read from WEB-INF/jspwiki.policy. If you have a JVM-wide policy,
the local policy will supplement it. The practical upshot of this
change is that the most common configuration challenge that most
first-time admins face (why won't any pages display?) is gone,
and gone forever. No more fiddling with the java.security.policy
property! The syntax for the local policy is exactly the same
as what it's always been; but now it Just Works instead of
Mostly Works.
* Fixed bug in WebContainerAuthorizer introduced by change to
Java Servlet API 2.4. The parsing class now explictly includes
namespaces in XPath searches. This was not something we needed
to worry about with 2.3 (which used a DTD). The result of this
problem was causing container-managed logins to fail.
* Fixed failing unit tests WebContainerAuthorizer; web tests
CommonCustomTests, CommonTests.
* Minor enhancement to WikiSession now allows full use of non-JSPWiki
supplied JAAS LoginModules in the JSPWiki-custom configuration. Previously,
we considered a user to be authenticated only if a LoginModule had added
Role.AUTHENTICATED to the Subject's principal set. This is clearly
unreasonable for LoginModules that have no knowledge of JSPWiki, such
as Sun's supplied modules or third-party modules used for LDAP
authentication. Now, we consider a user authenticated if they are
not anonymous and not asserted, and we lazily add Role.AUTHENTICATED
in these cases, after login.
* Bug fix: WikiEventManager refactoring in 2.5.24 caused duplicate
listeners to be added in some cases. This has been fixed.
* The security policy file has been simplified to remove redundant
grants that don't vary across roles. It should be simpler to read
and understand.
* Did I mention that local security policies are a big deal?
2007-02-22 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.5.25
* Added SisterSites.jsp to support the SisterSites standard.
2007-02-21 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.5.24
* Forward ported features from 2.4.94, including the WatchDog,
and the new, faster WikiEventManager.
2007-02-18 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.5.23
* Added David Au's patches to re-enable FCK. All you now need
to do is to install FCK, and enable it in the ini/jspwiki_modules.xml.
This also added a new mode for RenderingManager: WYSIWYG_EDITOR_MODE,
which will not render plugins (except some), but keep them in plain
text format.
* web.xml now explicitly declares Java Servlet API 2.4.
* Added AdminBeanIteratorTag
* Bug fix: putting a plugin or a variable on the first line would
cause a crash, if there were more than one paragraph on the page.
Thanks to Terry Steichen for debugging.
* There is now a rudimentary plugin-based administration interface
in admin/Admin.jsp (and the corresponding template files). It does not
quite work yet, and it's definitely unstable, but it's been submitted
to get some comments. The idea is that you can declare in your
jspwiki_module.xml an "adminBean" class, which then offers an
administrative interface to your plugin. As an example, a
PlainEditorAdminBean is implemented (partly).
2007-02-05 Christoph Sauer <sauer AT hs-heilbronn DOT de>
* 2.5.22
* Added variable mechanism in property files. You now
can declare a variable as a regular property with
prefix 'var.' and then use it with the '$' prefix
in other property values within the property files cascade.
* Factored out property reading from WikiEngine into a new
class called PropertyReader, since it now represents a distinct
concept. Added UnitTest for it.
2007-02-05 Christoph Sauer <sauer AT hs-heilbronn DOT de>
* 2.5.21
* Added possibility to specify cascading properties
in the context-mapping for multiple wiki setups. Added
method to WikiEngine that will check for
jspwiki.propertyfile.cascade.x context properties, where
x is a number from 1 to n. Properties specified in those
files will overwrite values specified in the default jspwiki.properties
file or a properties file of a lower cascade.
This is based on an idea by Olaf Kaus, see [JSPWiki:MultipleWikis]
discussion.
2007-01-30 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.5.20
* Minor tweak to the i18n properties file to add in some whitespace
between words for several messages (DefaultResources.properties).
* Corrected a SessionMonitor failure to correctly stash a WeakReference
in the user's HttpSession, which was causing downstream ClassCastExceptions.
Thanks to Marc Pateet for isolating the issues. I haven't tested this
fix extensively, so please let me know if it fixes (or does not fix)
the issue.
* I continue to be flabbergasted at the speed at which my new dual-core
MBP runs the 737 JUnit tests in the JSPWiki test suite: about 2min 45s,
compared to 7min on my old machine. This has no place in a ChangeLog, I know.
But still.
2007-01-29 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.5.19
* Synchronized with 2.4.91
2007-01-08 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.5.18
* Bug fix: fixed DefaultResources.properties trailing space in multi-line
property that was causing Role and Group memberships on the Profile
tab of UserPreferences to fail to display. If you were wondering why
UserPrefs wasn't showing group memberships -- well, it's fixed now.
* Bug fix: PageActions.jsp now links to UserPreferences as a JSP, not
as a wiki page. Also gains a Workflow link for authenticated users.
* Minor enhancement: WikiEngine gains an accessor for the DifferenceManager
(getDifferenceManager). This is used by the workflow classes.
* Minor enhancement: To support workflow, WikiContext gains new a context,
WORKFLOW. It does not require special privileges to access. WikiCommand
gains a corresponding WORKFLOW command.
* Second major checkin of the workflow package. The API is mostly stable,
but it should still be regarded as volatile. Workflow now includes
a working user interface (Workflow.jsp). UI has a workflow "inbox" (for
decisions a user has been asked to make) and an "outbox" (for workflows
a user has started). Users must be authenticated to see their workflows.
* 'SaveWikiPageWorkflow' is now operational. It provides moderation for
saving wiki pages, and is turned off by default. See jspwiki.properties
for configuration guidelines.
* To test workflow, enable SaveWikiPageWorkflow via jspwiki.properties.
Note: a cosmetic NullPointerException occurs in some cases after approving
page saves; this does not prevent the actual page save. This will be
fixed very soon. Other than this, approve/deny/abort features work nicely.
* TestEngine gains accessors for the 'admin' and 'Janne' sessions.
2007-01-02 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.5.17
* Happy New Year everyone!
* This release adds a significant new package for modeling
workflow operations (com.ecyrd.jspwiki.workflow). This package allows
arbitrary combinations of "steps" to be modeled, with support for
unlimited branching and support for human intervention. The core class
is the Workflow class. Workflows are composed of Steps, which can be
Tasks (which run uninterrupted) and Decisions (which require input
from named Principals -- users, roles or groups). This initial checkin
is well-tested and solid code, but the API should not be considered
stable... yet. There are NO user-interface classes as yet.
Additional front-end JSPs that provide a UI will follow in the coming weeks.
* The initial sample Workflow subclass, checked in today, implements moderated
page changes (SaveWikiPageWorkflow). It has an undocumented configuration
interface, which I will detail more fully when the UI is closer to completion.
* See the (very complete) JavaDoc for more details. I'm VERY psyched
about this new capability, and once we get flesh out the interface you all
will be too!
* Enhancement: changed throws clause in I18NManager methods.
* Enhancement: added new dir (etc/i18n) and a resource file called
CoreResources.properties for message strings for the core JSPWiki packages
(that is, not plugins, tags or JSPs).
* Enhancement: added new event class, WorkflowEvent, to support workflow
create/run/pause/restart/halt/complete events.
2007-01-01 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.5.16
* If there was no default locale set, I18NManager.getBundle()
would fail.
* Attachment links with new character set work now.
* Section titles are now returned back to 2.5.14 behaviour.
* Some tiny i18n work on TableOfContents.
2006-12-31 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.5.15
* English resource files had some &apos;'s in them. Replaced
with &#39;. Turns out that &apos; is an entity in XML, but
not in HTML - and therefore IE does not recognize it. Fun,
but for once IE is correct in their standards support. Found
by Harry Metske.
* The LinkParser would not boot jspwiki.org content due to
being too strict: ("[]") would cause a RuntimeException being
thrown, which would not be caught until a very high level.
Fixed LinkParser to use a new declared exception "ParseException".
Reminder to self: RuntimeExceptions are evil.
* This is a biggie: increased the number of allowed characters
in a wikiname. Now the list reads " ()&'*+,-=._", so yes,
spaces are allowed now. Added MarkupParser.wikifyLink() to
keep compatibility with previous versions, and also enhanced
CommandResolver to be able to figure out old-style links.
Please be aware that this is not yet a final set of characters,
so using this version may cause a legacy you might have to
deal with it painfully later on. Also, note that the code is
largely untested right now, and many unit tests are failing
right now, so consider this now "bleeding edge". Please give
feedback on what the proper set of characters should be.
2006-12-29 Janne Jalkanen <jalkanen@ecyrd.com>
* v.2.5.14
* Bug fix: 2.5.9 was breaking unit tests badly, thanks
to a missing null check.
* Bug fix: Any markup in the first paragraph would break
paragraph detection in JSPWikiMarkupParser.parse().
Reported by Murray Altheim.
* Added patch from Murray to add the "target" attribute to
the Image plugin.
* CommentedPropertiesTest no longer requires JDK 1.5. Thanks
to Murray for spotting this!
2006-12-27 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.5.13
* Added LinkParser class from Murray Altheim. Thanks!
Links now have a new, extended syntax. You may add metadata
to a link by adding a new bar: [text|link|attributes]. Only
a subset of attributes is allowed, as described in LinkParser.
This allows you to have things like link targets and link
relations.
2006-12-26 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.5.12
* Fixed bug with Login/LoginContent that was preventing
page redirection upon login from working properly. The
corresponding web unit tests now all work again, too.
* Fixed minor bug in Ant Hsql database teardown task
that would cause the test db to erroneously think the
database didn't need starting, even if it did.
2006-12-23 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.5.11
* Fixed failing auth unit tests and web unit tests.
* Fixed compilation errors for *GroupContent JSPs.
2006-12-20 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.5.10
* Mass commit of code from 2.4.87
2006-12-18 Christoph Sauer <sauer@hs-heilbronn.de>
* 2.5.9
* Bugfix in FilterManager: Filter Manager used
getClass().getResourceAsStream( "/filters.xml" ) to locate filters.xml.
To ensure that it reads it from WEB-INF like described in the
documentation we have to use the same aproach like with jspwiki.properties:
engine.getServletContext().getResourceAsStream( DEFAULT_XMLFILE );
2006-12-16 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.5.8
* JSPWikiMarkupParser now exports parseToken() method, which
can be used by subclasses to modify or change the default
markup rendering. There are a couple of caveats: first,
don't forget to call super.parseToken() if you don't do
anything; second, you might create a completely non-compatible
version of JSPWiki with this method. So be very, very careful.
Note also that this is an experimental way yet, so I would
very much like to hear feedback before we cement it to stone.
* CreoleRenderer now correctly renders plugins and images.
2006-12-13 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.5.7
* JSPWikiMarkupParser will now ignore whitespace between
list bullet and list - makes no difference and produces more
unambiguous code.
* Added CreoleMarkupRenderer, which currently supports
WikiCreole 0.2 syntax. This is a highly experimental feature.
You can't do much with it yet, since we're missing a backconverter.
* JSPWikiMarkupParser now properly produces <p> tags for
all paragraphs - UNLESS there is just a single paragraph, in
which case old behaviour will follow.
* Bug fix: DefaultResources.properties was still using some
{0,date} strings instead of just strings. Reported by Harry
Metske.
2006-12-11 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.5.6
* Merged in JSPWIKI_2_4_BRANCH changes up to 2.4.84.
2006-11-28 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.5.5
* plain.jsp did not compile due to last-minute changes in
package structure. Reported by Juan Pablo Santos Rodriguez.
* InternationalizationManager was not properly initialized.
Reported also by Juan.
* TableOfContents was using wrong resource bundle. Reported
by Juan.
* LoginContent.jsp was failing, if someone localized the login
button. Reported by someone (remind me and I will fix this entry)
2006-11-27 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.5.4
* Added rpc package, JSONRPCManager, and added preliminary
support to get suggestions in plain.jsp over AJAX. Yes,
JSPWiki just gained AJAX support using JSON...
* Moved AtomAPIServlet to rpc/atom under the assumption that
nobody was using it anyway.
2006-11-21 Christoph Sauer <sauer@hs-heilbronn.de>
* 2.5.3
* Checked in WikiWizard 1.1:
Major Improvements:
- Now supports multiple file uploads
- Speed up loading by putting config file init
in extra thread
- Highlighting of %% tags
- "Mark Occurences" function similar to eclipse
- Drag 'n Drop Interface for extension bar
for details please take a look
at /applets/WiWi-INF/ChangeLog.txt
2006-11-20 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.5.2
* Synchronized with 2.4.81.
2006-11-12 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.5.1
* Fixed LoginContent.jsp so that it compiles.
* Fixed issue with PolicyLoader when the URI found had a "file:"
in it.
* Fixed some other issue which I can't remember right now because
I drunk some very nice Tomintoul 27 years old single malt whiskey.
2006-11-09 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.5.0
* Split off 2.4 to its own JSPWIKI_2_4_BRANCH stable development
branch. HEAD is now 2.6 development branch.
* Mass commit of i18n code. Almost everything is localized now,
but unfortunately we only support English right now.
2006-11-07 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.78
* A bunch of minor refactorings suggested by Aron Gombas,
including:
* Visibility of member variables in WikiContext have been checked -
things were made more private, except m_request is now protected to
help in subclassing.
* JSPWikiMarkupParser also has visibility checked a bit to help
in subclassing - the different link types are now protected,
and a new factory method createAnchor() was added.
* JSPWikiMarkupParser now checks WikiContext for overrides for
most variables.
2006-11-06 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.77
* Hopefully fixed login redirection issues when using
container authentication. If the user did not have permissions
even after login, this would result in a constant series of
redirections.
* Added run_webtests.sh
2006-11-06 Christoph Sauer <sauer@hs-heilbronn.de>
* 2.4.76
* added fix from Chuck Smith so that WikiWizard.jsp now is valid XHTML:
document.write() function in JavaScript is deprecated, instead
document.addEventListener("DOMContentLoaded", changeWidth, null)
is used now to modify the the DOM Tree after it is loaded.
2006-11-04 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.75
* Added patch from Tomasz Szymko to fix previews when adding
comments. Thanks!
* Added patch from Murray Altheim to provide timestamps in
WikiEvents, and added a new SESSION_EXPIRED event as well.
* Session monitor now fires SESSION_EXPIRED events.
2006-10-29 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.74
* Improved startup a bit; now the log files should be better in
case you have a problem in your jspwiki.properties. It's still
not perfect, but it's better. The unfortunate side effect is
that you'll start getting 404 errors instead of error messages
when you are trying to access the site.
* Got rid of jspInit() in all top-level JSP files. This is a
bit nicer and simpler all around.
2006-10-28 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.73
* Patch from Neil Miller to fix PageManager which was not using
proper getProperty().
* AttachmentManager.listAttachments() now sorts the attachments.
Suggested by Fabio Bonin.
* If jspwiki.useCache was set to false, finding pages would
not work with VersioningFileProvider, thanks to some really old
optimization code that never got updated. Removed optimization,
hey presto! It works!
* Spam filter now includes change notes in its checks as well.
* WikiEventSource is now gone, since it was not used for anything.
Thanks to Murray for the heads-up!
2006-10-21 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.72
* SpamFilter is now a lot smarter. I enlisted a small guy
called Herb, who has agreed to sit in the JAR file, and watch
for any spam. Log files are a bit better, too.
* SpamFilter will now watch at consecutive modifications, and
mark them as spam, if there are too many similar-looking
modifications (no matter what IP they're from).
* SpamFilter can now connect to Akismet (www.akismet.com).
You need to get your own API key, though, and put it in the
filters.xml config file. Unfortunately we don't yet have
the ability to mark "ham" and "spam".
* ShortURLConstructor did not handle CONFLICT situations
correctly.
2006-10-17 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.71
* Small fix from Tomasz Szymko: jspwiki.css has information
and error images reversed.
* Comment.jsp did not compile. Reported by a number of people.
Ooops...
2006-10-13 Erik Bunn <ebu@memecry.net>
* 2.4.70
* Minor mod to WeblogEntryPlugin: now accepts a 'page' parameter,
like WeblogPlugin. Allows providing a 'new entry' link on some
page other than the actual blog page; this may be useful e.g.
for alternate views of a blog page.
2006-10-12 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.69
* Added a couple of patches from Tomasz Szymko to fix a problem
with messages from the AttachmentServlet, and a problem with
EditLinkTag.
* Added patch from Murray Altheim to fix a problem with
TextUtil.replaceString() - it would be dying under certain
circumstances.
* Added patch from Murray to add "_bounds" parameter to the
plugin invocation. _bounds consists of an integer array (int[]),
where element 0 is the start of the plugin position in the page,
and element 1 the end.
* Small fixes to LuceneSearchProvider.
2006-10-09 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.68
* Hopefully fixed the "ACL not refreshed at startup" problem,
reported by many people.
2006-10-08 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.4.67
* Enhancement: JDBCUserDatabase will now use transactions, if the
back-end database supports them. In addition, JDBCUserDatabase now
nails up a single, long-running connection instead of continually
opening and closing them. Log message verbosity expanded slightly.
* Enhancement: GroupDatabase now has a relational database implementation
called JDBCGroupDatabase. It supports transactions and is configured
using a container-managed JNDI DataSource, exactly like JDBCUserDatabase.
Unit tests and DDL setup/teardown scripts were upgraded for the
new implementation. Sample scripts are included for PostgreSQL and
Hypersonic.
2006-10-06 Janne Jalkanen <jalkanen@ecyrd.com>
* Fixed a bunch of javadoc warnings; not enough to warrant a
version bump.
2006-10-05 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.66
* Added small patch from Neil Miller to fix WikiEngine.getInstance()
which was not properly passing its arguments. Thanks!
* Added patch from Murray Altheim which makes ReferenceManager and
SearchManager to behave as EventListeners for page deletion. Notably,
AttachmentManager and RenderingManager do not yet fire or listen these
events (needs fix).
* Added PAGE_DELETED and PAGE_DELETE_REQUESTED from Murray.
* Added patch to JSPWikiMarkupParser from Murray to make some of the
attributes publically accessible and less magic.
* Fixed ShortURLConstructor again for some contexts (FIND, DELETE & PREFS)
2006-10-01 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.4.65
* Bug fix: fixed an issue with WikiContext that caused ACLs and policy settings to
be ignored when accessing the default front page. This bug was introduced during
the AAA mega-patch in July (2.4.25). Note: we still have an unrelated bug
with ACLs not being applied the *first time* pages are loaded.
2006-10-01 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.64
* WikiPage.clone() was not cloning everything; this should now be fixed.
* Included patch from Neil Miller to make RenderingManager use the
eventing system instead of PageFilters. Thanks!
* ShortURLConstructor now supports group functionality.
* Fixed an annoying bug which appeared if saving failed for some reason
(e.g. when SpamFilter would reject an edit): the cache would still
contain the changed page metadata. We now make a clone of the
WikiPage before we attempt a save.
2006-10-01 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.4.63
* WikiSession receives several under-the-hood changes to improve session
stability. The technique used to detect session status changes now includes an
explicit check for prior authentication; this should prevent sudden "downgrades"
from authenticated status to asserted (cookies). User/login Principals and
the status strings (anonymous/asserted/authenticated) are cached now, rather
than dynamically calculated. WikiSession gains a new public method, isAsserted()
that does what it says. Finally, WikiSession now takes responsibility
for populating the JAAS Subject with user profile principals, rather than
the various login modules.
* AuthenticationManager now fires an event called LOGIN_INITIATED whenever
the authentication status changes, signifying that the JAAS login stack
executed (but without regard to whether it succeeded). WikiSession listens
for this event and updates its cached principals. AuthenticationManager
also now fires explicit events called LOGIN_ANONYMOUS and LOGIN_ASSERTED
in addition to LOGIN_AUTHENTICATED.
* In the name of code simplification, event support was removed from the
Group class. It was redundant and made things more complicated. Consequently,
GroupManager loses its GroupListener inner class, and WikiSecurityEvent gets
rid of types GROUP_ADD_MEMBER, GROUP_REMOVE_MEMBER, GROUP_CLEAR_MEMBERS.
If you really really need these let me know, but in the meantime the coarser-
grained GROUP_ADD and GROUP_REMOVE will do what we need.
* UserDatabaseLoginModule no longer populates WikiSession's Subject with
user profile principals; this was moved to WikiSession. This should make
pure, authentication-only login modules possible, such as for LDAP and Kerberos.
Because authentication and user profile storage are better separated, it will
prevent the need to subclass and hack XMLUserDatabase. WebContainerCallbackHandler
no longer needs a UserDatabaseCallback as a result, so the callback was removed.
* Bug fix: LoginForm now injects a WikiContext, but only if one does not already
exist in the page context. This plugs the bug introduced in 2.4.60. Page redirection
after login works for both container and custom authentication; the web unit
tests now test for this condition explicitly. The fix has been tested with
Tomcat and JBoss 4.
* Fixed a bunch of failing auth tests.
2006-09-28 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.4.62
* Fixed the fix for the login-redirection issue, patched in 2.4.60.
"Regular" logins (those without a subsequent redirection) now work again.
Thanks to the indefatigable Terry Steichen.
2006-09-27 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.61
* Fixed a couple of failing tests (recent changes caused slight behaviour
change)
* Bug fix: the Wiki Event INITIALIZING is now fired after log4j is running -
this stops about a zillion of errors in the container log file.
* Slightly juggled with the built-in system filter priorities to make sure
that they are executed in correct order.
* Added a small fix to saveText() to check if it possibly fixes some problems
with disappearing ACL lists or other metadata. Our provider interface is
desperately in the need of an overhaul...
2006-09-27 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.4.60
* Fixed typo in SecurityConfig.jsp that caused group verification to
report the number of "users" rather thank groups. Credit: Chuck Deal.
* Fixed a series of related, minor bugs that caused JSPWiki to always
redirect to the front page after login, even when instructed to redirect
to another page. This fix also resulted in the removal of a redundant
WikiContext creation in LoginForm. Thanks to Terry Steichen for figuring
out where to look.
2006-09-24 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.4.59
* XMLGroupDatabase and XMLUserDatabase now represent dates using
a locale-independent, machine-independent format. To preserve backwards
compatibility, JSPWiki will attempt to parse dates using the platform
default format if parsing with the standard format fails. New records
will always be saved in the standard format.
2006-09-24 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.58
* Some internal reshuffling of Managers.
* PluginManager and EditorManager now check if a module is
compatible with JSPWiki. You can state your own compatibility
by declaring it in the jspwiki_module.xml file, as
<minVersion>2.4</minVersion>, and/or
<maxVersion>2.6.32</maxVersion>.
* 2.4.57
* Added change notes also to attachments
* Attachment names are now also beautified (though just the
page name part). This should help the problem when RecentChanges
plugin overflows.
* Cleaned away a few compiler warnings
* Improved some PluginManager javadocs
* BasicAttachmentProvider has now more sanity checks and should
no more throw wild NPEs at startup.
* Fixed
BugLuceneSearchProviderNotReadJspwiki.lucene.analyzerFromConfiguration
Thanks to Ekkasit Takoungsakdakul for pointing this one out!
(And I am very sorry I did not notice that bug report earlier.)
2006-09-21 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.56
* Added patch from Kalle Kivimaa to fire the event with the
proper principal at logout. Thanks!
2006-09-15 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.55
* Added patch from Joseph Schmigel to recognize IP
addresses in sortable tables. Thanks!
* Added new icons from Murray Altheim so that we could
get rid of all Creative Commons-licensed icons. This was
done so that JSPWiki 2.4 could be included on Debian. Thanks
heaps for the good work!
* Reverted to previous behaviour with respect to WikiWizard:
no longer closes applet and div with javascript, which should help
in IE.
2006-09-12 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.54
* Added patch from Murray Altheim to fix WikiEventManager
javadocs, as well as made it return booleans on a couple
of methods. Thanks Murray!
2006-09-10 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.53
* Removed FCK.jsp from the distribution (since we don't distribute
FCK, it's sort of weird to have it there breaking things).
* Bug fix: Comment.jsp now catches RedirectExceptions
* Bug fix: BugReportHandler also catches RedirectExceptions and
now gives a proper error report.
* Limited change note length to 80 characters.
2006-09-09 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.4.52
* UserManager now checks to make sure that a user can't
specify as a wiki name somebody elses's full name or login
name. This check is peformed for all other combinations of
these three user profile fields also. This is a potentially
serious security flaw, so all users should upgrade.
2006-09-08 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.51
* Added patch from Malte Kiesel to fix a problem which caused
overwriting of user profile.
* Fixed WikiJSPFilter writing the wrong content length to the
response (we're skipping setting the length for now).
2006-09-07 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.50
* Test release to check whether we can solve some WebLogic
issues.
* Split WikiServletFilter to WikiServletFilter and WikiJSPFilter.
The latter takes care of JSP stuff, the former of all other types
of data. WikiJSPFilter uses getWriter() extensively, while
WikiServletFilter is for those instances that use
getOutputStream(). Thanks to Marc Patteet for the help.
* Renaming now also renames attachments (assuming that the
attachments exist - if they don't, then there's no way to know
which pages refer to them (bar going through all pages).
* Changed web.xml to reflect the new filters. Don't forget
to update!
* Added "print" style for jspwiki.css in commonheader.jsp. This
should fix problems with printing looking different from screen.
Reported by Steve Lihn, fix from Dirk Frederickx
* Fixed InfoContent.jsp for WebLogic. By Marc Patteet.
2006-09-06 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.49
* Witness the awesome p0w3r of unit testing. Fixed the
unit tests added in the morning so that we now hopefully
are fixing BugStrangeRenameBehaviour. Reported by Candid
Dauth.
* Bug fix: ReferenceManager was not removing all references
to a page if it was renamed, resulting in "hanging" pages.
* Added a bunch of new unit tests to check for page
renaming problems. At the moment most of them fail, suggesting
that there is something wrong in PageRenamer...
2006-09-05 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.48
* Bug fix: it was possible to gain user privileges simply
by faking the cookie. This is a serious problem and all
people running 2.4.x are suggested to upgrade. Thanks
to Andrew for the fix.
* SecurityVerifier no longer gets confused, if you state
a property using "==" instead of "=".
2006-09-05 Christoph Sauer <sauer@hs-heilbronn.de>
* 2.4.47
* Added title and accesskey attribute to
LinkTag, EditLinkTag and PageInfoTag. You can now set
accesskeys to edit pages in the PageActions.jsp
Use the title attribute to add a tooltip text to indicate
the speedkey you used.
2006-09-04 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.46
* Bug fix: PageLock was using acquisition time for both
expiry and acquisition. Fixes BugLockNotWorking. Reported
by Terry Steichen.
* Added WikiContext.hasAdminPermission() as a convenience
method.
* Changed SpamFilter to check for AllPermission instead of
a group called Admin - this is better because of i18n.
* SpamFilter now checks also the changenote before saving.
* Added the possibility to escape }}} within a preformatted
section by using ~}}}. Suggested by several people at
WikiCreole.org...
2006-09-04 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.45
* Bug fix: When SpamFilter rejected something, there would
be no message shown in RejectedMessage. Reported by
Terry Steichen.
* Removed plenty of documentation from the default wikipages
package. It was out of date, and better written up at
doc.jspwiki.org anyway.
* Removed doc/Templates.txt, which was no longer accurate.
2006-09-03 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.44
* Both XMLUserDatabase and XMLGroupDatabase will now check
if the database is up to date. This allows propagation of
databases across wikis (though it's rather flaky; there are
concurrency issues).
2006-09-03 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.43
* Bug fix: If the front page did not exist, would die with
a NullPointerException, when accessed with the default URL
(e.g. /Wiki.jsp, or /wiki/ without the page).
Should fix BugBadDefaultConfig.
2006-09-02 Christoph Sauer <sauer@hs-heilbronn.de>
* 2.4.42
* Fixed Bug with WikiWizard.jsp and Weblogic reported by Marc Patteet
2006-09-02 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.41
* LinkTag should no longer crash if WikiContext does not have
a page attached. Reported by Fabiano Bonin.
2006-08-30 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.40
* Christoph Sauer joins in as a contributor (if only I got
him to update the ChangeLog... ;)
* WikiWizard is now included. Hooray for WIKIWYG editing!
* Small tweaks to the EditTemplate.
* Changed "jspwiki.security=container" to "jspwiki.security=off".
This should make it more clear to people. The old setting
will continue to work.
* Added page info links back to attachments in RecentChanges.
Unfortunate side effect of the new renderer...
2006-08-30 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.39 - The "Piko" release. Rest in Peace.
* Added SearchManagerTest to make sure that our search works.
* Bug fix: LuceneSearchProvider was not indexing the WikiName
of the page.
* Bug fix: SearchManager now always indexes the latest version
of the page (thanks heaps to John Volkar for finding this).
* Disabled ContextualDiffProviderTest.testKnownProblemCases(),
I have no idea how to fix those, and it was never running anyway.
* Disabled JSPWikiMarkupParserTest.testSpanJavascript2() -
it would need a lot more care to make it really run.
* Fixed failing XMLRPC tests.
* Upgraded to Lucene 2.0.0.
2006-08-27 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.38
* WikiEvents are now fired at almost any occasion that seems suitable.
Thanks to Murray Altheim for this mega-patch. Some of the event
classes were also reorganized (thanks to Andrew and Murray).
* SpamFilter no longer counts admins as evil, if they make many
changes/minute.
* WikiServletFilter fails now gracefully if WikiEngine instatiation
fails - should no longer emit dumb NullPointerExceptions.
* FindContent.jsp now hopefully calculates previous- and next
search sizes correctly.
* Change Notes are now visible in page history as well. Unfortunately,
the visuals suck. Anyone want to help to make them look better? Just
don't make them too wide...
* Change Notes are now limited to 60 characters (totally arbitrary).
2006-08-21 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.37
* Faced with physical threats at WikiSym, I added the "change note"
feature. Hope y'all are happy now :-D (Well, okay, it does not
work in the page info yet; I'm thinking what would be a good
presentation so that the page does not get overly wide).
* Bug fix: jspwiki.tld had the wrong attribute for RequestResourceTag.
Reported by Marc ?.
2006-08-14 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.36
* Bug fix: UserProfileTag was not printing groups. Reported by
Dirk Fredericx.
2006-08-13 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.35
* Fixed BugPreformattedTextWithHtmlDoesnTWorkIfAllowHTMLTrue. Thanks to
RealGagnon and an unknown submitter.
* Fixed BugStyleDoublePercentProblem. There are two new tokens:
/% can also be used to stop a style, and ~<space> is a non-rendering
space.
* Fixed BugNullPointerExceptionWhenInsertingImagesWithoutAlignAttribute.
Thanks to Candid Dauth for pointing it out.
* Added patch from Laurent Courtin to fix
BugTableOfContentsDoesnTWorkWithPageNotInAscii. Thanks!
2006-08-12 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.34
* Implemented RequestResourceTag (oops, it had been skipped for
some reason).
2006-08-09 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.33
* RecentChangesPlugin was missing a quote in the generation
of author names.
2006-08-08 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.4.32
* Fixed an astoundingly brain-damaged bug in WikiContext that caused
all wiki contexts to use the default template in all cases, regardless
of the setting in jspwiki.properties. This bug was introduced by the
2.4.25 security mega-patch. The fix, of course, was three lines
of code. Now that it's in, I'd like to put down my crack pipe
long enough to thank Terry Steichen for spotting this.
2006-08-01 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.31
* Bug fix: BugArbitraryHTMLMarkupInHeadingIsRenderedByTableOfContentPlugin,
reported by Jerome Duprez.
* Bug fix: BugCenteringImagesUsingImagePluginDoesNotWorkInFirefox,
contributed by Alex Reid.
* Bug fix: BugCanKeepPressingNext20ResultsOnResultSearchPage. Rewrote
the scriptlets in FindContent.jsp to provide a better experience
overall.
* Bug fix: BugReferringPagesPluginDontWriteNobobyAfterFiltering.
Reported by François Burtin.
* Removed a bunch of compiler warnings found thanks to upgrade to
Eclipse 3.2.
2006-08-04 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.4.30
* Fixed cosmetic bug that was causing all search results to
appear with the name "Search".
2006-08-01 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.29
* Character encoding is now set in the servlet filter, not
WikiEngine.createContext() anymore. This should remove certain
cases where character encoding got lost.
* 2.4.28
* Fixed a HUGE number of potential problems, found using FindBugs.
Problems included such as:
* Now many Comparators are also Serializable
* hashCode() is now implemented properly on objects that do
equals()
* clone() is rewritten to use super.clone()
* Many inner classes were made static to save extra effort
* Forms package classes had really dubious null checks which
were rewritten.
* TranslatorReader is no longer used in the code anywhere. Even
the TranslatorReaderTest is gone. The class, however, remains,
until we can refactor it to be a facade for JSPWikiMarkupParser.
* Coding style is now a local setting instead of a global
setting...
* And a lot of small bits and pieces...
2006-07-31 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.4.27
* Bug fix: SecurityConfig was erroneously reporting that externally set
values for java.security.policy did not resolve to existing files,
even when they did.
* Bug fix: SecurityConfig was erroneously reporting that wiki groups
could not be deleted, even when this function actually worked
properly.
2006-07-30 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.26
* Fixed editor textarea width, thanks to Gordon Smith.
2006-07-29 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.4.25 - a.k.a. the AAA mega-patch
* This release completely changes the way JSPWiki manages wiki groups.
They are no longer stored in pages; instead, GroupManager controls
access, while back-end storage is provided by the GroupDatabase interface.
This change has caused many other changes. More details:
* GroupManager changes from an interface to a concrete, final class. Group storage
is now handled by a separate GroupDatabase interface. The default implmentation is
XMLGroupDatabase. In addition, Group becomes a concrete final class; DefaultGroup
and DefaultGroupManager disappear. Group gets a new method groupPrincipal() that returns
the equivalent GroupPrincipal. Many new unit tests created for all of these changes.
* Group creation handled in UI by NewGroup.jsp. Editing is via EditGroup.jsp.
* UserProfileTag gains a property "groups" that will print the list of wiki groups
the current user belongs to. The "roles" property now just prints the roles.
* Default security policy (jspwiki.policy) gains grant entries for group
viewing, editing, deletion permissions. By default, users must be at least
"asserted" to view group members, and must be a member of a group to edit
the membership.
* PermissionTag gains three new permission checks: "viewGroup", "editGroup", "deleteGroup".
* Group principal injection responsibilities moves to WikiSession from AuthenticationManager.
* The hard-coded restriction on pages prefixed "Group" has been lifted.
* SecurityVerifier adds tests for GroupPermission. Better support for detecting
exceptions. Adds tests for adding/deleting Groups.
* New Groups plugin prints a sorted list of the wiki groups in the group database;
generates a hyperlink to each group page.
* JSPWikiInstaller (Install.jsp) receives a makeover and substantial enhancements to
support the new group scheme. When the wiki is set up, we now create an administrative
user and an Admin group. It also uses the default CSS.
* The new Command class is now fully integrated into WikiEngine.createContext()
and the WikiContext constructors. Practically speaking, this means that the
page names and redirect errors shown on pages will actually show something useful
when non-pages are accessed (e.g., access denied for UserPreferences.jsp won't
print the non-sensical "you don't have access to 'Main'). WikiEngine delegates
page-resolution responsibilities to CommandResolver. Minor changes to new
Command/CommandResolver classes to make JSP page names "friendlier".
* WikiSession.getUserPrincipal now defaults to the wiki principal, rather than
the full name. This means that favorites auto-linking won't break. It also gains
a method getRoles() that returns the roles and groups the user possesses.
The method doPrivileged(WikiSession,PrivilegedAction) allows actions to be
executed using the user's privileges. WikiSession's getSubject() method has been
removed; it was a security risk.
* Substantial changes to the AAA package tests. Web unit tests changed to accomodate groups.
* Minor refactoring: AllPermission, WikiPermission, PagePermission. AllPermissionCollection.
* Bug fix: closed <span> tag in InsertPagePlugin
* WikiContext.getName() provides a "safer" shortcut than calling WikiContext.getPage().getName()
because not all wiki contexts apply to pages. This change was made to: TableOfContents plugin;
most of the top-level JSPs; TranslatorReader; PageNameTag.
* Container role principals are now injected at login time by WebContainerLoginModule,
rather than the AuthenticationManager.
* More use of checked exceptions. Authorizer.initialize() throws WikiSecurityException
* WikiSecurityEvent gains the event type PROFILE_SAVED, emitted by UserDatabase. Most
of the security events are now marked as "debug" level events, which means the logs
will be much less chatty (this is a temporary hack).
* AuthorizationManager gains a new public method: getAuthorizer()
* The WikiEventSource "marker interface" added to class declarations for AuthorizationManager
AuthenticationManager, WikiEngine. EventSourceDelegate used in place of cut-and-paste code
for these classes also.
* TextUtil.password generator now uses SecureRandom instead of Random.
2006-07-24 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.4.23
* Andy J. fixes what he broke... namely the build. Thanks
to Mark Rawling for pointing it out.
* SessionMonitor achieves escape velocity and becomes its own class,
breaking free of WikiSession's gravity.
* WikiSession.guestSession() changes to guestSession(WikiEngine).
This required small tweaks to a few classes, notably the RPC handlers
and parts of the Auth code.
* Various classes receive small code tweaks in preparation for upcoming
builds. WikiContext gains three new group-related contexts; WikiEngine
gains code to initialize CommandResolver and a related accessor;
* GroupPrincipal gains a two-argument constructor that accepts the
wiki name as the first parameter.
* WikiPermission's action strings are now public. Ebu's been waiting a while
for this.
* CommentedPropertiesTest's missing test.properties file is now in CVS.
2006-07-23 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.4.22
* Added several classes and interfaces to support upcoming
AAA refactoring. These do not affect functionality, because
they are not referenced by any existing classes. New classes
include: (1) Command interface and related AbstractCommand,
PageCommand, GroupCommand and WikiCommand implementations;
(2) WikiEventSource interface and EventSourceDelegate class,
both in events package; (3) GroupDatabase interface and sample
groupdatabase.xml files and (4) CommentedProperties class for
reading and re-saving properties files that include comments.
Again, these classes are not yet actively used.
* Minor tweak to TestHttpServletRequest to support parameters and
servlet path.
* Removed cruft from HttpUtil; no functionality changes.
* WikiBackgroundThread now contains a getEngine() accessor.
2006-07-17 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.21
* RCSFileProvider had a rare concurrency issue with the
SimpleDateFormat. Reported by Bosmon on IRC.
2006-07-17 Erik Bunn <root@d183.fi.basen.net>
* Modularized RenderingManager. By setting
jspwiki.renderingManager.renderer in jspwiki.properties, a custom
WikiRenderer can be specified. Defaults to XHTMLRenderer.
2006-07-13 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.20
* Fixed BugNoMoreThanOneSortableTablePerPage. Thanks to
Juan Pablo Santos Rodriguez!
2006-07-13 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.19
* Added "InternalModule" interface. This is just an empty
interface which a module can declare and not get listed
in SystemInfo, for example. Used internally by JSPWiki.
* Fixed a major issue with page renaming: thanks to an
erroneus context sent downstream, the page which was renamed
from would get random contents.
* Page rename would not change referrers if the breakTitleWithSpaces
option was set on.
2006-07-12 Erik Bunn <Erik.Bunn@basen.net>
* Made ParamTag attribute 'value' non-required; tag body is
acceptable for value. (This should not warrant a version bump.)
2006-07-02 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.18
* BugReportHandler was dutifully adding the "_cmdline" to the
pages it was creating...
* Fixed some quote issues in commonheader.jsp and
PreferencesContent.jsp which were causing issues with
WebSphere. Reported by Robin Tew and Thorsten Nordholm S?birk.
2006-06-28 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.17
* WikiSecurityEvent.toString() would die if you had a null principal...
2006-06-17 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.4.16
* Bug fix: SessionMonitor.sessions() now returns the same
number of sessions as userPrincipals(). Credit: Terry Steichen.
Also, the array of Principals returned by userPrincipals() is now sorted.
* WikiSession receives lots of Javadoc tweaks and minor
cleanup-oriented fixes (e.g., member visibility changes) that
do not change functionality. The class, and all of its methods, are
now marked final. The setSubject() method, which was not called
anywhere, was removed; it was a potential security risk.
* Ant 'javadoc' task now links to J2EE 1.3 API.
* Added table entry to SystemInfo page to display list of active users.
If you feel this is a privacy risk, remove the line from SystemInfo.
2006-06-23 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.15
* Fixed issue with absolute URLs and ShortURLConstructor (we were
using %U where %u should've been used in ERROR and NONE contexts).
Thanks to jim from IRC for pointing this out.
* Added patch from Brad Johnson to give better error output if
RCSFileProvider fails.
* Added patch from Murray Altheim to support _cmdline in PluginManager.
This allows a plugin to do completely custom parsing.
2006-06-17 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.4.14
* Enhancement: all background threads now subclass a new class called
WikiBackgroundThread which will gracefully shut themselves down when
they hear a 'wiki shutdown' event. These threads are, at present:
WikiSession.SessionMonitor, PageManager.LockReaper, RSSThread, and
LuceneSearchProvider.LuceneUpdater. These threads are NO LONGER
daemon threads, which means they won't stay in memory when
the wiki webapp is removed.
* Enhancement: Added protected method shutdown() to WikiEngine that is
triggered by WikiServlet catching webapp destroy() events. Shutdown()
fires a WikiEngineEvent called 'shutdown' to all listeners, which at
present includes all WikiBackgroundThreads. New class added:
WikiEngineEvent. To catch container events, WikiServlet was changed in
web.xml to load at startup. This is a dirty hack, but not too dirty.
* Enhancement: Major refactoring of WikiSession to include a background
'monitor' thread that removes expired wiki sessions. This means that
session-count information should be accurate to within a minute
of when your web container expires its sessions. The background thread
is an inner class called SessionMonitor that subclasses WikiBackgroundThread.
WikiSession also gains a method called getUserPrincipals(WikiEngine)
that returns an array of Principals that represents the current
users currently using the wiki.
* Enhancement: SessionsPlugin receives parameter 'property' to specify what
session information should be returned. If set to 'users', plugin
returns the list of current users. If omitted, it returns the number of
active sessions. Thus, [{INSERT SessionsPlugin property=users}]
will actually print the names of current users -- neat!
* Enhancement: Group interface receives a long-awaited members()
method that returns the wiki group's current members as an array
of Principals.
* Enhancement: thread responsible for RSS generation extracted out of
WikEngine and moved to its own RSSThread class.
* Bug fix: to support multi-wiki webapps, WikiSession.getWikiSession's
method signature now includes a parameter for the current WikiEngine.
Check your custom JSPs to see if this affects you (it shouldn't; none of
the default JSPs currently use this method).
* Bug fix: Fixed deprecated methods used in LuceneSearchProvider.
* Bug fix: added sensible session timeout defaults to TestHttpSession
to prevent some tests from failing.
* Minor signature change to GroupManager: commit() now throws WikiException.
* Minor refactoring of WikiEvent class and subclasses to add getType()
method to superclass.
2006-06-05 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.13
* Added EditorManager patch from Chuck Smith. This now allows
fully dynamic editor selection using a drop-down menu in EditContent.jsp
* Added EditorIterator tag from Chuck, too.
* Fixed some IE tab layout issues, thanks to Dirk Fredericx.
2006-06-05 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.4.12
* Added Hypersonic embedded database for JDBC testing. Enabled
JDBC testing in build.properties to use Hypersonic by default.
Added license file; corrected file extensions of two others.
* Removed database scripts for Mckoi embedded database.
* Added Ant target called 'tests-auth' for JDPA debugging of
AuthorizationManagerTest.
* Minor Javadoc fixes.
2006-05-28 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.4.11
* WikiSession received minor refactorings to remove the set/getLastContext()
methods. These were used for only one purpose anyhow (WebContainerAuthorizer)
and the net result was that their inclusion was preventing garbage collection
of expired WikiSessions. WikiSession also receives a removeWikiSession()
method, which removes wiki sessions from its internal cache, and is called
during logout.
* Bug fix: WikiSession.sessions() and the related SessionsPlugin now
more accurately reflect the number of current WikiSessions, instead of
continuously incrementing. (Technically, the counter shows the number of
non-GCed sessions.) In the future a "session reaper" would make this even
better.
* Bug fix: Removed divide-by-zero error from SecurityVerifier.
* Bug fix: DefaultGroup and DefaultGroupManager now store their
WikiEventListeners in WeakHashMaps to prevent listener objects
(such as WikiSession) from being reclaimed by GC.
* Bug fix: WikiDocument now stores its reference to WikiContext
as a WeakReference, so that caching operations won't prevent GC
of the WikiContext.
* Bug fix: Corrected text on the default PreferencesContent.jsp
to reflect recent e-mail reset function.
* Bug fix: Fixed listener bug DefaultGroupManager that was preventing
WikiSessions from receiving updated GroupPrincipals when groups
were changed to include new members in certain cases.
* Bug fix: Fixed 'index out of range' error caused by zero-length cookies.
* Bug fix: WebContainerAuthorizer now recognizes roles declared in
web.xml for elements web-app/security-role/role-name, in addition to
those declared for web-app/security-constraint/auth-constraint/role-name.
* Moved hack-ey code that injects web container Role Principals from
AuthenticationManager to WebContainerLoginModule, where it belongs.
* As part of the memory-leak fix, WebContainerAuthorizer no longer
relies on a sneaky call to WikiSession.getLastContext().getHttpRequest()
to test whether a user possesses a particular container role. Instead,
we (only) inspect the user's Subject's Principal set for the desired role.
This means that changes to container's user/role mappings are NOT
reflected until the next time the user logs in.
2006-05-28 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.10
* Atom feeds now validate properly
* RSS and Atom feeds are now served with proper media type
2006-05-20 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.4.9
* Enhancement: UserDatabase interface includes two new methods:
getWikiNames() for enumerating the users in the current database,
and deleteByLoginName( String ), for removing users. I have implemented
these methods to the concrete classes JDBCUserDatabase and
XMLUserDatabase. Thanks to Frank Fischer for his patches; they
served as the basis for these changes. I have *not* added convenience
methods to UserManager... yet.
* Enhancement: SecurityVerifier includes new code that checks to make
sure the UserDatabase is initialized properly, and that it can add
and delete users correctly. Also, admin/SecurityConfig.jsp includes
a new section ('UserDatabase') where results of the checks are displayed.
* Minor tweaks to the database setup scripts to include update/delete
privileges for the roles table.
* Minor tweak to web unit tests to account for cleared cookies at logout.
2006-05-20 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.4.8
* Enhancement: AuthenticationManager now injects role Principals
at login time from the external authorizer into our WikiSession's
subject. This works with all Authorizers, including (of course)
WebContainerAuthorizer. This enables grants to Principals of
type com.ecyrd.jspwiki.auth.authorize.Role to be specified in
the Java security policy. In particular, this means that policy
files can be broadened to include container roles.
WebContainerAuthorizer received a new method to accomodate this.
* Enhancement: Added grant block in jspwiki for administrator groups
principal com.ecyrd.jspwiki.auth.GroupPrincipal "Admin" (wiki group)
and principal com.ecyrd.jspwiki.auth.authorize.Role "Admin" (container
role). Added new wiki page to distribution, GroupAdmin.txt with an
empty (disabled) membership, which makes the administrator group
secure by default. We expect that a future enhancement to Install.jsp
will overwrite the contents of this file, thus "enabling" the admin group.
* Bug fix: Uploaded JDK1.4-compatible version of freshcookies-security.jar.
* Bug fix: Fixed error in jspwiki.policy.
* Bug fix: Changed WikiEvent so that its toString() method does not
leak credentials.
* Bug fix: Logout.jsp now removes "asserted" identity cookies.
This is arguably less confusing to users.
* Bug fix: Removed SecurityConfig.jsp from web.xml constraint (for now).
* Removed spurious import in AuthorizationManager.
* Massive refactoring and huge improvements to SecurityVerifier and
admin/SecurityConfig.jsp. Janne, it should even for you now. :)
* AllPermissionCollection now accepts WikiPermission and PagePermission
types in its add() method. The newPermissionCollection() method for
WikiPermission and PagePermission returns a new AllPermissionCollection().
2006-05-09 Dan Frankowski
* 2.4.7
* Fixed SearchBox "edit" bug when
jspwiki.urlConstructor=ShortURLConstructor
* Add a link on the attachment page back to the original page
2006-05-09 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.6
* Fixed NPE in ReferenceManager.pageRemoved (thanks
to JMarquart).
* ShortURLConstructor did not have PREVIEW context
available; thanks to Malte Kiesel for the fix.
* Added quick fix from Dan Frankowski to generate
JDOM javadoc links.
* Plain URIs in text are now parsed properly and no longer
cut at the first "=" sign.
* NewGroup.jsp would occasionally throw NPEs if the context
was null - fixed by ICantRememberWhoAnymoreBecauseILostTheEmail.
Thanks anyway!
2006-05-07 Andrew Jaquith <andrew AT freshcookies DOT org>
* 2.4.5
* Added a new JSP for verifying JSPWiki's security
configuartion, admin/SecurityConfig.jsp. This JSP
collaborates with a new class, c.e.j.auth.SecurityVerifier.
SecurityConfig will verify the presence or absence of
the JAAS login config file, the security policy file,
and container-managed auth constraints. It will also
validate that the correct JAAS login configations exist,
and will print a summary table showing the privileges
that apply to each role. Much needed, and should
help folks get their security working.
* To support the security verifier, small (non-public)
changes were made to WebContainerAuthorizer. This class
also gains a new public method isConstrained(String, Principal).
* Bug fix: AuthenticationManager's method of finding
its JAAS and security policy files changed so that
full (absolute) patchs are discovered, rather than
local (JNDI) paths.
* Bug fix: small change to default security policy file
jspwiki.policy. It now includes commas between the
codebase and principal entries, as it should have.
* Added a small third-party utility jar (my own)
for parsing security policy files.
2006-05-06 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.4
* Added activation.jar and mail.jar to the distribution
* AuthenticationManager now complains if it cannot
locate the JAAS LoginManager information, instead of
failing with NPE.
* PagePermission.hashCode() no longer fails with NPE
if wiki is not set (normally, though, you would never
need it, but there are certain cases where this might
occur).
* Added a great patch from Dan Frankowski which allows
recovery of forgotten passwords! Please see your
jspwiki.properties for new SMTP options.
* Added search results filtering based on permissions,
i.e. you no longer see pages to which you have no
access to. Requested by many people.
* Login button is now on its own line instead of being
hidden in the right corner. Helps those people who
like to "hunt and click" on the mouse.
2006-05-01 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.3
* Added fix from Rolf Schumacher: no longer outputs
password to the log file in Tomcat. Oops.
* Fixed a failing unit test
* atom.jsp is now gone; please use "rss.jsp?type=atom"
* Fixed SearchBox.jsp issue reported by Dirk Fredericx.
* FeedDiscoveryTag should now offer Atom 1.0 feeds.
* WeblogPlugin no longer considers empty comment pages
as "1 comment".
2006-04-30 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.2
* Page Renamer did not write the author name properly to
any pages that were changed due to referrers changing.
* Page Renamer would accidentally do double-encoding of
XHTML entities... Yes, there's a difference between
getText() and getPureText(). Thanks to suomigo.net
community for finding this one out.
* WikiEngine.renamePage() API signature was changed
because of this... It now takes a WikiContext as well.
* Login.jsp did not write proper content encoding.
2006-04-26 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.1
* Updated README.
* Split old stuff from ChangeLog to OldChangeLog
* Added missing SearchPageHelp
* PageActions.jsp now checks if login is allowed
* Install.jsp now sets "jspwiki.security=container" to make
first-time installs easier.
* AuthorizationManager returns now "false", if security is
set to container and you ask for login permissions. This
drops the "Login" button from the display, if JSPWiki is
not managing authentication, fixing an annoyance.
2006-04-25 Janne Jalkanen <jalkanen@ecyrd.com>
* 2.4.0
* SearchResultsIterator now can start from a given place
* You can now see all of the search results - just click on
"next 20 results".
* Included patch from Dan Frankowski to support returning
of search fragments. Thanks!
* Upgraded to Lucene 1.9.1
* Removed slash from allowed characters in wikipage - that would
create pages that were impossible to link to. Oops! It must've
been some debug code left in...
* LinkTag now removes extra whitespace from link text; this allows
you to use multi-line <wiki:Param> tags without the text becoming
too unwieldy...
* Search now also supports Google-like "are you feeling lucky"
-functionality. Just click on "Go!" in the search page.
* Search help is now on a page called "SearchPageHelp".
* Added support for left-to-right and right-to-left markup with
the %%ltr and %%rtl default styles. You can copy them from the
"jspwiki.css" file.
* Minor cleanups to build.xml.
* CheckLockTag would get confused if two people were trying to
create a non-existent page at the same time. Reported by
Mark Rawlings.