Info |
---|
MyTimetable 3.0 is currently in the state 'stabilizing' and is feature-complete. We are currently slowly rolling this new version out to our customers. Please contact us for detailsstable'. MyTimetable 3.0 is tracked using the git branch: |
...
The project has been divided into separate modules for core, dataproviders, web, mobile and external calendaring.
- The configuration system has been reworked, and now includes all property files from the 'config' directory under a directory defined using the Java system property application.home. This makes it no longer necessary to define environment overrides in the Tomcat context configuration XML files. During an upgrade Eveoh staff will convert the old configuration to the new format, or provide you with instructions how to do this yourself.
- The compatibility level of all non-GWT source has been updated to Java 8. MyTimetable now requires Java/JRE 8 and a recent Tomcat version (7.0.54+, most recent recommended).
- Switch to Thymeleaf based templates, to better separate view and controller logic.
- GWT upgrade to version 2.7.0. This also means we switched to 'super-dev' mode and are now using Java 7 source level for the GWT sources.
- Removed AspectJ from the build pipeline and switched to Spring-based aspects. We were not really using the extra AspectJ features, and using AspectJ did interfere with the IDE/IntelliJ build chain, so we chose to remove it.
- Introduced a Gulp / SASS / Bower based build chain for many of our assets (CSS, Bootstrap, JS). During this process many of these dependencies were also upgraded to the latest version.
- jTDS, the Microsoft SQL connector, has been patched to include support for SSL and SQL Server 2014.
- Many improvements were made to the logging configuration. MyTimetable now logs to a separate log file, which is rotated daily. The log file can be found in the Tomcat logs directory. Also the logging can include the username of the user, and through the admin panel is is possible to configure per-user log levels.
- Remote logging has been added. When enabled this logs to an Eveoh provided logstash host by default, see /wiki/spaces/MYTT/pages/3099656255 for details.
- Disabled in-URL session tracking, because it does not work well and is a security risk.
- Added a static authenticator, which supports a fixed username and password, for non-public facing MyTimetable (API or external calendaring only instances).
- Jasig CAS authentication is now supported.
- AD authentication now supports recursive group retrieval.
- Google Analytics tracking code has been upgraded to 'Universal Analytics'.
- More stringent CSRF checks have been added, which may break applications that try to handle OAuth authorisations in the background by automated posting to the login form.
- TLS SNI is now supported for SAML metadata retrieval, which fixes compatibility with a default ADFSv3 installation.
- An XSS issue in the CXF API overview page was fixed.
- The JACOB-based Active Directory attribute reader has been replaced by a JNA-based version. This fixes issues on Win2012 servers, where too much UDP ports were opened by the MyTimetable processes.
- The following dependencies were upgraded:
Spring (4.2.1)
- Spring Security (3.2.8)
Gradle (2.514)
- Joda-Time (2.8.2)
- Servlet API (3.1.0)
- Apache CXF (3.1.2)
- Flyway (3.2.1)
- MySQL connector (5.1.36)
- HikariCP (2.3.8)
- slf4j (1.7.12)
- Logback (1.1.3)
- Guava (18)
- Jackson (2.6.2)
- Commons-codec (1.10)
- Commons-beanutils (1.9.2)
...