Merge branch 'release/5.2.0'

CHANGELOG.md

@@ -1,6 +1,21 @@
 # Change log
 All notable changes to this project are documented in this file following the [Keep a CHANGELOG](http://keepachangelog.com) conventions. We try to apply [Semantic Versioning](http://semver.org) with one particular rule: the version must be equal to or greater than the version of the _authzforce-ce-rest-api-model_ dependency (declared in _rest-service_ module's POM). Indeed, this dependency holds the resources of the REST API specification implemented by this project. Therefore, the rule helps relate a specific version of this project to the specific version of the REST API specification that is implemented/supported.
 
+
+## 5.2.0
+### Added
+- REST API spec (authzforce-ce-rest-api-model) v5.1.0 support: enhanced management of PDP features, i.e. all supported features may be listed, and each feature may have a 'type' and an 'enabled' (true or false) state that can be updated via the API
+- Supported PDP features by type: 
+  - Type `urn:ow2:authzforce:feature-type:pdp:core` (PDP core engine features, as opposed to extensions below): `urn:ow2:authzforce:feature:pdp:core:xpath-eval` (experimental support for XACML AttributeSelector, xpathExpression datatype and xpath-node-count function), `urn:ow2:authzforce:feature:pdp:core:strict-attribute-issuer-match` (enable strict Attribute Issuer matching, i.e. AttributeDesignators without Issuer only match request Attributes with same AttributeId/Category but without Issuer)
+  - Type `urn:ow2:authzforce:feature-type:pdp:data-type`: any custom XACML Data type extension
+  - Type `urn:ow2:authzforce:feature-type:pdp:function`: any custom XACML function extension
+  - Type `urn:ow2:authzforce:feature-type:pdp:function-set`: any set of custom XACML function extensions
+  - Type `urn:ow2:authzforce:feature-type:pdp:combining-algorithm`: any custom XACML policy/rule combining algorithm extension
+  - Type `urn:ow2:authzforce:feature-type:pdp:request-filter`: any custom XACML request filter + native ones, i.e. `urn:ow2:authzforce:xacml:request-filter:default-lax` (default XACML Core-compliant Individual Decision Request filter), `urn:ow2:authzforce:xacml:request-filter:default-strict` (like previous one except duplicate <Attribute> in a <Attributes> is not allowed), `urn:ow2:authzforce:xacml:request-filter:multiple:repeated-attribute-categories-lax` (request filter implenting XACML profile `urn:oasis:names:tc:xacml:3.0:profile:multiple:repeated-attribute-categories`), `urn:ow2:authzforce:xacml:request-filter:multiple:repeated-attribute-categories-strict` (like previous one except duplicate <Attribute> in a <Attributes> is not allowed)
+  - Type `urn:ow2:authzforce:feature-type:pdp:result-filter`: any custom XACML Result filter extension
+-  Distribution upgrader now supporting all 4.x versions as old versions
+
+
 ## 5.1.2
 ### Added
 - REST API features (see *Changed* section for API changes):
@@ -12,9 +27,9 @@ All notable changes to this project are documented in this file following the [K
 	- Fast Infoset support with new data representation type `application/fastinfoset` (in addition to `application/xml`) for all API payloads. Requires Authzforce Server to be started in a specific mode using [JavaEE Environment Entry](https://tomcat.apache.org/tomcat-7.0-doc/config/context.html#Environment_Entries) `spring.profiles.active` in Tomcat-specific Authzforce webapp context file (`authzforce-ce.xml`). Default type remains `application/xml` (default type is used when a wildcard is received as Accept header value from the client) 
 	- API caches domains' PDPs and externalIds for performance reasons, but it is now possible to force re-synchronizing this domain cache after any change to the backend domain repository, i.e. reloading domains' PDPs and externalIDs without restarting the webapp or server:
 		- `GET or HEAD /domains` forces re-synchronization of all domains
-		- `GET or HEAD /domain/{domainId}/properties` forces re-synchronization of externalId with domain properties file (properties.xml) in the domain directory
-		- `GET or HEAD /domain/{domainId}/pap/pdp.properties`; or `GET or HEAD /domain/{domainId}/pap/policies` forces re-synchronization of PDP with configuration file (`pdp.xml`) and policy files in subfolder `policies` of the domain directory
-		- `DELETE /domain/{domainId}` forces removal of the domain from cache, and the domain directory if it still exists (removes from cache only if directory already removed)
+		- `GET or HEAD /domains/{domainId}/properties` forces re-synchronization of externalId with domain properties file (properties.xml) in the domain directory
+		- `GET or HEAD /domains/{domainId}/pap/pdp.properties`; or `GET or HEAD /domains/{domainId}/pap/policies` forces re-synchronization of PDP with configuration file (`pdp.xml`) and policy files in subfolder `policies` of the domain directory
+		- `DELETE /domains/{domainId}` forces removal of the domain from cache, and the domain directory if it still exists (removes from cache only if directory already removed)
 	- Properties for controlling the size of incoming XML (`maxElementDepth`, `maxChildElements`, `maxAttributeCount`, `maxAttributeSize`, `maxTextLength`) corresponding to [CXF XML security properties](http://cxf.apache.org/docs/security.html#Security-XML) may be configured as [JavaEE Environment Entries](https://tomcat.apache.org/tomcat-7.0-doc/config/context.html#Environment_Entries) in Tomcat-specific Authzforce webapp context file (`authzforce-ce.xml`). Only `maxElementDepth` and `maxChildElements` are supported in Fast Infoset mode (due to issue [CXF-6848](https://issues.apache.org/jira/browse/CXF-6848)).
 - Completed 100% XACML 3.0 Core Specification compliance with support of Extended Indeterminate values in policy evaluation (XACML 3.0 Core specification, section 7.10-7.14, appendix C: combining algorithms)
 - Distribution upgrader: tool to upgrade from Authzforce 4.2.0
@@ -85,6 +100,7 @@ All notable changes to this project are documented in this file following the [K
 - Detection of circular references in Policy(Set)IdReferences or VariableReference
 - Configurable max allowed depth of PolicySetIdReference or VariableReference
 
+
 ## 4.2.0
 ### Added
 - Distribution as Debian package
@@ -93,6 +109,7 @@ All notable changes to this project are documented in this file following the [K
 - XACML 3.0: Ordered-permit-overrides policy/rule combining algorithm
 - XACML 3.0: Multiple Decision Profile, scheme 2.3 (repetition of attribute categories)
 
+
 ## 4.1.0
 ### Changed
 - Initial release in open source

README.md

@@ -1,10 +1,13 @@
 # AuthZForce Server
 [![License badge](https://img.shields.io/badge/license-GPL-blue.svg)](https://opensource.org/licenses/GPL-3.0)
-[![Documentation badge](https://readthedocs.org/projects/authzforce-ce-fiware/badge/?version=release-4.4.1d)](http://authzforce-ce-fiware.readthedocs.io/en/release-4.4.1d/?badge=release-4.4.1d)
+[![Documentation badge](https://readthedocs.org/projects/authzforce-ce-fiware/badge/?version=release-5.1.2)](http://authzforce-ce-fiware.readthedocs.io/en/release-5.1.2/?badge=release-5.1.2)
 [![Docker badge](https://img.shields.io/docker/pulls/fiware/authzforce-ce-server.svg)](https://hub.docker.com/r/fiware/authzforce-ce-server/)
 [![Support badge]( https://img.shields.io/badge/support-ask.fiware.org-yellowgreen.svg)](https://ask.fiware.org/questions/scope:all/sort:activity-desc/tags:authzforce/)
 
 Server components and distribution of AuthZForce authorization service (FIWARE Authorization PDP GEri). 
 
 This project also provides the Reference Implementation (GEri) of [FIWARE](https://www.fiware.org) *Authorization PDP* Generic Enabler (GE). More info on the [FIWARE catalogue](http://catalogue.fiware.org/enablers/authorization-pdp-authzforce).
 The manuals are available on [readthedocs.org](http://authzforce-ce-fiware.readthedocs.org/).
+
+Note for contributers:
+The sources for the manuals are located in [fiware repository](http://github.com/authzforce/fiware/doc).

dist/html/footer.html

@@ -0,0 +1,3 @@
+<footer>&copy; Copyright ${inceptionYear}-${currentYear} Thales Services.</footer>
+</body>
+</html>

dist/html/header.html

@@ -0,0 +1,9 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"
+   "http://www.w3.org/TR/html4/strict.dtd">
+<html lang="en">
+<head>
+    <title>AuthZForce Upgrader</title>
+    <meta charset="utf-8" />
+<!--     <link rel="stylesheet" href="##SITE_BASE##/css/default.css"> -->
+</head>
+<body>