Revision history for ApacheDBI.

0.88 January 12, 2001
	- fix bug in child_init: consider 0 as valid result for a
	  semaphore id.
	- remove defined(@array), which is depreceated in perl5.6

0.87 September 28, 1999
	- fix for the usage of the environment variable DBI_DSN 
	  introduced in 0.86 was still incomplete.

0.86 September 27, 1999
	- in AuthDBI remove check of configured data_source in order to allow 
	  the usage of the environment variable DBI_DSN. Bug spotted by 
	  Oleg Bartunov <oleg@sai.msu.su>.
	- applied patch from Matt Loschert <loschert@servint.com>,
	  which avoids 'Use of uninitialized value ...' in Apache::DBI.
	- added new attribute 'Auth_DBI_encryption_salt' as proposed by
	  Nathan Clemons <nathan@windsofstorm.net>.
	  Per default this is set to 'password' which will use the password 
	  as salt for the crypt function. Setting this to 'userid' will use 
	  the userid as salt.
	- fixed bug with setting Auth_DBI_nopasswd to 'on', spotted by 
	  "Sigurjon Olafsson" <sigurjon@gm.is>.

0.85 August 24, 1999
	- change separator of Auth_DBI_data_source, Auth_DBI_username and 
	  Auth_DBI_password from comma to tilde, in order to avoid clashes 
	  with embedded attributes in data_source. 
	  Bug spotted by Oleg Bartunov <oleg@sai.msu.su>.
	- applied patch to Apache::DBI.pm from Tim Bunce <Tim.Bunce@ig.co.uk>
	  which solves the problem that Apache::DBI did not return a ref cursor.

0.84  August 21, 1999
	- combine Apache::AuthenDBI and Apache::AuthzDBI into one package 
	  Apache::AuthDBI.
	- discard Apache::DebugDBI. Debugging can be enabled by setting 
	  the variables Apache::AuthDBI::DEBUG and Apache::DBI::DEBUG to 
	  appropriate values.
	- the attribute 'Auth_DBI_cache_time' has been discarded. The
	  cache time now has to be configured upon server startup using the
	  method setCacheTime(n).
	- optionally use shared memory for the cache used for authentication
	  and authorization as proposed by Rauznitz Balazs <jomagam@yahoo.com>. 
	- make the PerlCleanupHandler, which cleans the cache in Apache::AuthDBI, 
	  configurable. Per default it is switched off. 
	- connect attributes for authentication and authorization may be a 
	  list of several servers, all of which will be used until the first 
	  connect succeeds.
	  Proposed by Matt Loschert <loschert@servint.com>.
	- the PerlCleanupHandler in Apache::DBI.pm, which is supposed 
	  to initiate a rollback in case AutoCommit is off, will only be 
	  created, if the initial data_source sets AutoCommit to 0.
	- fixed bug with empty password, which didn't fall through for
	  authoritative = off, spotted by "Graham Johnson" <graham@iii.co.uk>.
	- analogous to the environment variables REMOTE_GROUPS and REMOTE_GROUP 
	  the selected passwords and the matched password are put into the 
	  environment variables REMOTE_PASSWORDS and REMOTE_PASSWORD. 
	  Proposed by Jochen Wiedmann <joe@ispsoft.de>.
	- add traces.txt, which serves as reference for the debug output. 

0.83  August 08, 1999
	- make ping configurable, proposed by 
	  Gunther Birznieks <gunther@nhgri.nih.gov>
	- change $user_sent_quoted to $user_sent when checking for 
	  placeholders (Michael Smith <mjs@iii.co.uk>)
	- bug-fix for encrypted passwords, which have never been taken
	  from the cache. Spotted by Yves BLUSSEAU <yves.blusseau@sncf.fr>.

0.82  June 03, 1999
	- bug-fix spotted by "Dale Manemann" <manemann@dubuque.net>:
	  correct the password handling for the case, where the password has
	  been changed in the database and the old password is still cached.
	- proposal from Honza Pazdziora <adelton@informatics.muni.cz>:
	  add PerlCleanupHandler in Apache::DBI, which issues a rollback 
	  unless AutoCommit is on. 
	- changed behavior of AuthzDBI: the first match of a
	  requirement is sufficient for successful authorization.
	  Prior to this release, all requirement lines had to 
	  be fulfilled. 
	- proposal from Rauznitz Balazs <jomagam@yahoo.com>:
	  new function all_handlers() in Apache::DBI.pm. Returns 
	  all cached database handles, so that other handlers can 
	  perform tasks on them.
	- proposal from Michael Smith <mjs@iii.co.uk>: new 
	  configuration option Auth_DBI_placeholder. Setting this 
	  option to true, will use placeholders for the given userid 
	  in the SELECT statements. This will speedup database access. 
	- proposal from "Jordi 'Matematic' Salvat" <jordi@webarna.com>:
	  replace AuthName with a summary of all attributes relevant
	  for the select statements. This still keeps the userid entries
	  in the cache unique, but solves the problem with different 
	  AuthNames which eventually forces the user to authenticate 
	  several times. 
	- new configuration option Auth_DBI_expeditive from
	  "Jordi 'Matematic' Salvat" <jordi@webarna.com>. 
	  When authorization fails, AuthzDBI returns AUTH_REQUIRED
	  as default. With Auth_DBI_expeditive set to "on" it returns
	  FORBIDDEN if access is denied. Hence this can be distinguished 
	  from the case, where the user just mistyped the password.
	- applied patch from Ask Bjoern Hansen <ask@valueclick.com>:
	  get rid of some annoying "Use of uninitialized value ..."
	- applied patch from Joshua Chamas <joshua@chamas.com>:
	  use eval{ping} to prevent using an invalid database handle.
	- added 'use Apache;' to Apache::DBI.pm as proposed by
          Michael Smith <mjs@iii.co.uk>.
	- implemented multiple passwords per userid as proposed by
	  dan hammer <dhammer@verio.net>.
	- applied patch for case-insensitive user-ids from 
	  <grussell@wiley.com>. 
	- implement proposal from Honza Pazdziora <adelton@informatics.muni.cz>:
	  Auth_DBI_casesensitive replaced by Auth_DBI_uidcasesensitive and 
	  Auth_DBI_pwdcasesensitive. 
	- applied patch from fdc@cliwe.ping.de (Frank D. Cringle):
	  prevent "Use of uninitialized value warning" in error.log.
	- work-around for mod_perl problem spotted by Mike Hayward 
	  <hayward@loup.net>: when building mod_perl as dso, Apache::DBI 
	  was always skipping the connection cache.

0.81  Sep 08, 1998
	- Cache entries consider the AuthName to distinguish 
	  between identical user-ids in different authorization 
	  realms. 

0.80  Jul 26, 1998
	- applied patch from Anto Prijosoesilo <anto@inet.co.th>:
	  change second argument for crypt function from $salt
	  to $passwd in order to be compatible with BSD.
	- applied patch for Apache::DBI.pm from Randy Harmon 
	  <rjharmon@uptimecomputers.com>: reject database connect 
	  during server startup.
	- call CleanupHandler in Authen DBI and AuthzDBI only if 
	  cache_time is configured.

0.79  Jun 06, 1998
	- implemented a simple caching mechanism in AuthenDBI as 
	  well as in AuthzDBI. Per default this cache is disabled 
	  and can be enabled by setting Auth_DBI_cache_time > 0. 
	  YOU NEED AT LEAST VERSION apache_1.3b6 !
	- applied patch from Jeff Baker <jeff@godzilla.tamu.edu>
	  fix menu item for DBI connections that are made using 
	  the Oracle TNS listener.
	- implemented proposal from Leslie Mikesell <les@Mcs.Net>
	  change group-handling in AuthzDBI. All groups related to
	  the given user are selected at once and then put into a 
	  comma-separated list. This list is compared with the 
	  required groups. 
	  Depending upon the existence of Auth_DBI_grp_table, the 
	  SQL-select looks either in the pwd_table or in the 
	  grp_table for the groupid. PLEASE CHECK THE MODULE 
	  DOCUMENTATION AND YOUR .htaccess !

0.78  February 18, 1998
        - applied patch from "B. W. Fitzpatrick" <fitz@onShore.com>
          DBI calls connect always with 4 parameters, even if they
          are empty. This results in an error with DBD-Informix.
        - added '$dbh->disconnect' before 'return SERVER_ERROR;'
          (fyodor@mp.aha.ru <Fyodor Krasnov>).
	- added optional where-clause in AuthenDBI as well as
          in AuthzDBI (Helmut Patay <Helmut.Patay@mch.sni.de>).

0.77 January 18, 1998
        - applied patches from Doug MacEachern:
          o new method  Apache::DBI->connect_on_init()
          o set environment variable REMOTE_GROUP in AuthzDBI.pm.

0.76 December 18, 1997
	- removed unused variable from AuthzDBI.pm

0.75 November 02, 1997
	- strip trailing blanks from password for 
	  fixed-length data type
	- new token: 'Auth_DBI_casesensitive'
	  (Hakan Tandogan <hakan@iconsult.com>
        - fixed bug when using attributes in connect method
        - fixed bug which appeared with perl5.004_04

0.74 August 15, 1997
        - new module: AuthzDBI for Authorization,
          (supports group authorization)
        - complete rewrite of AuthenDBI.
        - configuration directives and functionality 
          of both modules are supposed to be identical
          with mod_auth_msql of the apache daemon.
	- adapted to new DBI connect syntax
	- changed names of config vars to be more
          consistent with other authentication modules.
          PLEASE ADAPT YOUR CONFIGURATION !!!

0.73 July 15, 1997
	- fixed bug in DBI.pm: check return value of connect

0.72 July 13, 1997
	- added logging option to AuthenDBI

0.71 July 01, 1997
	- debugging is now controlled by a global variable

0.7  July 01, 1997
	- changed the way of initiating debug output

0.6  May 20, 1997
	- fixed bug which caused a disconnect with some 
          DBD-drivers (Oracle,...)

0.5  May 16, 1997
	- applied patches from Stephen E Kane <skane@cse.psu.edu>

0.4  May 13, 1997
	- fixed check for first internal request in
	  AuthenDBI.pm

0.3  May  5, 1997
	- make AuthenDBI to be a separate module 
	- adapt to new DBI, so code changes are not 
	  required anymore for persistent connections

0.2  Apr  6, 1997
	- unused methods deleted
	- AuthenDBI integrated
        - method for disconnect added
	- menu item for Apache::Status added

0.1   Mar 15, 1997
	- creation