Fedora

---------

* Added a create_group method to AccountSystem to allow for creating FAS
groups.

---------

---------

To finish
---------
* For the faswho repoze.who plugin, allow TG1-style authentication -- ie: if
all of the following are set on any URL, authenticate the user prior to
loading the web page::
login=Login&user_name=$FAS_USERNAME&password=$FAS_PASSWORD

--------

--------

* Previous fix for curl/apache interaction was incomplete. Apache returns a
417 error even if the request would have completed okay (for our case, even
if the request is unauthenticated). Have to apply the workaround
unconditionally.

------

------

* Fix Django auth provider with Django-1.2.x or less. These versions of Django
do not have the API necessary to do httponly cookies so we need to not use
httponly if that's the version of Django that we're using.
* Fix for a bad curl-apache < 2.2.18 interaction. Apache < 2.2.18 has a bug in
processing Expect: 100-continue headers if there's data in the body that the
client expects apache to process. Curl is a client that does just that. This
workaround clears the Expect: header so that we do not have those issues.

------

------

* Fix problem with tg_paginate_limit no longer being available in TG-1.1.x.
Use FOO_tg_limit instead in various client libraries.

------

------

* Fix the AccountSystem() class's verify_password() method so that
verification of server SSL certificates may be disabled by setting
insecure=True.
* Fixed AccountSystem.people_by_key() to return a list with both people who
have signed the CLA and have not
* Fix the tg2.utils.url handling with TG-2.0.x
* Fix a deprecation warning in fedora.tg.controllers
* Fix issue in proxyclient where unicode passwords might be encoded to the
wrong byte sequence depending on the locale of the process running it.
* Fix jsonfasprovider2's group handling to not traceback when assigning groups
if there is no record for a given username.
* Fix a traceback in jsonfasprovider2's user_id handling.
* Fix comparison of passwords in jsonfasprovider when unicode passwords are
used. However, this method is actually not invoked under normal use as the
password comparison is done on the server.
* Fix faswho plugin to handle unicode passwords and usernames. Note that this
is a different bug than affected the TG1 auth provider.
* Fix faswho auth plugin to set session cookies as secure and httponly
* Set the Django session cookies httponly
* Add a genshi login template for TG2
* For faswho repoze.who plugin, remove caching during authentication (as caching
does not pick up on logout of a different app invalidating the session and
password changes). We could use caching again if retrieving the full
information about a user took more time than validating their username and
password.
* Simplify implementation of the faswho plugin. Should save on per-request
memory and cache.
* Add AccountSystem.gravatar_url() method that will return a url to a gravatar
for a person.

--------