- Remove the mistakenly-left-in single sign out config options. (If you try to set them, devise_cas_authenticatable will now give a warning and do nothing.)
- Remove the mistakenly-left-in single sign out handling code in the Warden strategy (fixes #160)
- Rails 7 compatibility fixes (thanks @francesco-loreti!)
- No changes from 2.0.0.alpha1. This version has been successfully tested by two developers in production apps. (If you do run into issues, please report them in this Github project!)
- Switch from RubyCAS-client, which is deprecated, to rack-cas
- Remove Devise.cas_client, Devise.cas_login_url, Devise.cas_logout_url, Devise.cas_validate_url, and cas_client_config_options as a result of this change
- Remove single sign out support (since rack-cas supports it natively)
- Fixes for single sign out on Redis session store using newer Redis gems (thanks @ledestin!)
- Rails 5.1 deprecation fix (thanks @jamgregory!)
- Correct an issue where the single sign-out logs would incorrectly state the session was found (thanks @hugohernani!)
- Document how to change the SSO strategy (thanks again @hugohernani!)
- Yet another Rails 5 compatibility fix with single sign-out (CacheStore's API for destroying sessions changed)
- Support Redis as a single sign-out store (thanks @tubsandcans!)
- More Rails 5 compatibility fixes (thanks @debborafernandess and @drobny!)
- Fix middleware syntax for Rails 5 compatibility (thanks @drobny!)
- Remove Gemfile symlink from built gem; hopefully this will make installation easier on Windows
- No longer requires net/telnet in order to work properly, so Ruby 2.3 can work out-of-the-box
- May the 4th be with you!
- Prevent redirect loops when using memcached as a session store (thanks @fabioperrella!)
- Work around weird
#try
behavior on older Rails versions
- Support RedisSessionStore (thanks @dandyn!)
- Suppress warnings about
Devise.secret_key
not being set in production mode (thanks @joraff!)
- Allow single sign-out code to find the app's session store when NewRelic is in the middleware stack (thanks @brendancarney!)
- Add support for the Dalli session store (thanks @bonyiii!)
- Generation of cas_action_url is now done by a customizable class, so you can use Rails routes to provide this (thanks to @eturino again!)
- Internal refactor to avoid conflicting with common route names, specifically logout_url (thanks to @eturino!)
- Allow changing the CAS response field used as the unique key for finding users (thanks once again to @gmoore!)
- Remove a deprecated dependency (thanks to @gmoore)
- Fix a wrong variable name that could break debug logging (thanks again to @gmoore)
- Be less verbose in the log during single sign-out (thanks to @liudangyi)
- Backport the 1.1.x series' logout_url features to the 1.0.x series for super-old apps
- Better single sign-out support for ActiveRecord session store users and README fixes (thanks to @fernandomantoan)
- Don't redirect to the (probably useless) Devise login page when the user is unauthorized - this is the CAS server's responsibility. (thanks to @kylejginavan)
- Redirect to CAS logout URL when Warden receives the :inactive status, which should allow using active_for_authentication? (thanks to @bentoncreation)
- Bug fix for single sign out when using Rack >= 1.5 (thanks to @activars)
- Rails 4 deprecation warning fix (thanks to @reidmix)
- Rails 4 compatibility fix (thanks to @McRipper)
- Drop support for Rails 2.3, Devise 1.0 and 1.1
- Custom failure class for optional redirecting to logout url upon timeout (thanks to @geoffroh and @kylejginavan)
- Bug fix: use Devise.sign_out_via to configure the HTTP verb sign_out will accept.
- Rewrite of the single sign-out module to improve compatibility with newer Devise versions, other ORMs, and be less complex overall (thanks Jeremy Haile and Endel Dreyer!)
- Bug fix: don't modify request.protocol when generating a logout_url (thanks Tse-Ching Ho!)
- Rails 4 compatibility fixes (thanks Aaron Patterson!)
- Support the service_url parameter in rubycas-client on logout (thanks Kyle Ginavan!)
- Only do schema stuff if using Devise 2.0.x or below
- Add cas_client_config_options so that users can add unsupported RubyCAS options such as encode_extra_attributes_as
- Add configurable destination and follow URL support (thanks Dyson Simmons!)
- Allow applications deployed at sub-URIs to work (thanks Tod Detre!)
- Only add trailing slash to base URI if it's not already present (thanks joe81!)
- Some documentation updates.