Privacyidea

* Add User Management
* Add Admin Realms to policies, to allow better policies in bigger setups
* Add API key, that can be used for accessing /validate/check
* Load PSKC Token seed files.
* Add more sophisticated logging. Severe errors via Email
* WebUI: Registrtion token can be enrolled in WebUI
* WebUI: The token seed can be displayed in WebUI after generation
* WebUI: Only the token types that are allowed to be enrolled are displayed
* WebUI: Login_Mode Policy: Disable access to WebUI for certain users
* WebUI: Add reload button in Audit view
* SQLResolver: The Where statement is used in all cases
* SSH-Token Application: Only fetch keys of the requested user
* Apache client can work with several hosts on one machine
* Documentation: Tokentypes and Supported Hardware Tokens
* Improve RADIUS module
* WebUI: Fix download of audit log
* Fix missing access right of user to GET /caconnector

* Add connector to remote Certificate Authority
* Add Tokentype "certificate" to manage certificates for users
Certificates or Certificate Requests can be uploaded.
Certificate Requests (Keypair) can be generated in the browser.
* Add Tokentype "registration" for easier enrollment scenarios.
* Add TokenType "Email" to send OTP via Email.
* Add "First Steps" to online documentation
* Add handling of validity period of token
* Enable download of Audit log as CSV
* Add Resolver Priority, to handle a duplicate user in a realm
* Add TYPO3 Plugin to enable OTP with TYPO3
* Add SCIM Resolver to fetch users from SCIM services
* Fix Failcounter issue
* Fix NTLM password check
* Fix timestep during enrollment

* pi-manage.py: create resolvers and realms
* pi-manage.py: manage policies
* Add LostToken UI
* Add Offline Application
* Add PAM authentication module with offline support
* Add getSerialByOTP. You can determine the Token by providing an OTP value.
* Add auth_count_max and auth_success_max for each token.
* Add PIN encryption policy
* Add API for SAML
* Add bash script for ssh key fetching
* Make WebUI logout time configurable via webui policy.
* Add NTLM authentication to the LDAP resolver.

* Add Machine-Application framework to support LUKS and SSH
to manage SSH keys and provide Yubikeys to boot LUKS
encrypted machines. 100, 10
* Add Machine Resolvers for hosts and LDAP/AD 96
* Migrate more policies like SMS policies. 95
* Restructure WebUI code to ease development 97
* Fix logout problem of user 92
* Fix user list for AD (referrals) 99
* Fix max_token_per_user policy 101

* Migrate privacyIDEA to Flask Web framework
* The WebUI was migrated to bootstrap and angularJS
* The database model was restructered to allow an easier handling and
programming
* Use the pi-manage.py tool to migrate old data
* provide ubuntu packages for privacyidea base package and
privacyidea-apache2 and privacyidea-nginx
* provide pi-manage.py tool to manage the installation and create new admins.
* policies are restructered. Internally the policies now use decorators to
have a minimum code impact. No all policies are migrated, yet.
* OCRA token and Email token is not migrated, yet.

* Fix splitting the -sign to allow users like useremail.comrealm1