WebServerAuth 1.1.1 released

WebServerAuth, which replaces the older apachepas and AutoMemberMakerPasPlugin products, lets your web server handle authentication so Plone doesn’t have to. You can authenticate against anything for which there’s, say, an Apache module—like Kerberos, Pubcookie, or Shibboleth—without having to write any custom PAS plugins.

For anybody who was getting lots of “Your custom WebServerAuth Matching Pattern did not match” errors in their logs, 1.1.1 fixes that. (The trouble was that PAS challenge handlers get called even if you’re already logged in, in cases where you try to access something you don’t have privileges for. It makes sense in retrospect. :-)) This release also makes the configuration page a bit clearer, providing instructions inline instead of making you refer to the readme. Happy authenticating!