What's new in Caucus 4.4
(Last updated 5 November 2002.)
Caucus 4.4 is a significant new Caucus release with huge implications for the integration of Caucus with other software. The highlights of this new release include:
- A completely new way of handling authentication (user login), with support for LDAP.
- A built-in set of file libraries (the "FileSafe").
- The ability for managers to send e-mail to everyone in a group, in a conference, or on the site.
- A display of "who's on now?".
- A restructured way of handling CML (interface) files that greatly improves the ease of making and retaining custom changes.
- PNG icons.
This document is a detailed summary of what is new in 4.4, compared to 4.36. It assumes some specific and technical knowledge of the features in Caucus.
New Login Method
Caucus 4.4 provides two different authentication (aka login) methods:
- A new cookie-based method that does away with the pop-up authentication box. This is the default (and preferred) method.
- The original pop-up box method.
There are many advantages to the cookie-based method:
- It greatly improves the ability to integrate Caucus with other web-based applications, so that they can share a single sign-on.
- It supports both LDAP-based authorisation and the standard "passwd" file authorisation. This is a huge step forward; by using LDAP, all of your applications, now including Caucus, can authorise from a single, central database of userids and passwords.
- The userid and password fields can appear on any HTML page -- so you can build them in anywhere you want, instead of requiring the user to click on a link and then enter their userid and password.
- It improves password security. As soon as a user logs out (or if their session times out), they must actively log in again. (In the old method, the userid and password were remembered by the browser, for as long as the browser was running.)
- You can log in to Caucus as different people in different windows -- all at the same time!
While the cookie method is preferred, both methods work. If a browser has cookies disabled, the user is warned and automatically offered a link to the old login method. And you can log in with the same userid and password via either method.
The new FileSafe feature (available via a new button on the Caucus toolbar) is a set of access-controlled file libraries that allow you to upload and store files in a hierarchy that is independent of conferences.
E-mail to All
Caucus managers may now send e-mail, directly from within Caucus, to everyone in a group or conference, or to every single person registered with the site.
Who's On Now?
A list of the people currently logged in to Caucus is available from the People page -- or as a macro that can be placed anywhere, including on the Caucus Center page.
Restructured CML directories
The layout of the CML directories has been completely restructured in a way that allows for "overrideable" CML files and directories. See Overrideable CML Directories for details.
Browsers that support the PNG graphic format automatically load PNG images that will look good against any background color or image.
Supporting browsers include Netscape 6.2+ and Opera 6. Unfortunately Microsoft has not chosen to support PNG, so IE will automatically fall back to the old GIF icons.
"Outside" Caucus URLs (that may be used in static HTML documents to link into Caucus conferences) may now specify the interface to be used. For example:
- goes to the Caucus Center page in the default interface (now CC44).
- goes to the Caucus Center page in the interface named XYZ.
- goes to the "Welcome" conference home page in the XYZ interface.
and so on. (See the section on "Caucus URLs" in the on-line help in Caucus for more examples.)
Restricting Robots and Denial-of-Service attacks
In at least one known instance, Caucus suffered from an (unintentional) denial-of-service attack when a sophisticated user ran an automatic page-capturing tool against a set of Caucus conferences. This resulted in a very large number of distinct Caucus sessions (swebs processes) being started in a short time, which brought most of the other Caucus users to a standstill.
The configuration file ~/SWEB/swebd.conf has a new parameter, called Robot_Reject, with a default value of 10 seconds. This means that at least 10 seconds must pass between two Caucus sessions being started for the same userid. (Trying to start another session before that time generates a page with a "Reject" message.) It is extremely unlikely that an ordinary (human) user of Caucus would ever run into this limit; if it should become an issue, the value can be lowered.
Robots or page-capture tools can still be used to scan Caucus conferences, so long as they use a single Caucus session. (Some page-capture tools allow many "threads" to be started at once; this is what is blocked by the new feature.)
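The following is an added illustration of the Robot_Reject rule described above, not code from Caucus itself. It models the per-userid minimum interval between session starts and replays a constructed set of session-start attempts; the class and function names are hypothetical, and it assumes that a rejected attempt does not reset the timer.

```python
from dataclasses import dataclass, field

ROBOT_REJECT_SECONDS = 10  # default value of Robot_Reject stated in the text


@dataclass
class SessionGate:
    """Per-userid throttle on new session starts (illustrative model only)."""
    min_interval: float = ROBOT_REJECT_SECONDS
    last_start: dict = field(default_factory=dict)  # userid -> last accepted start

    def try_start(self, userid: str, now: float) -> bool:
        """Return True if a session may start, False for a "Reject" page."""
        previous = self.last_start.get(userid)
        if previous is not None and now - previous < self.min_interval:
            # Assumption: a rejected attempt does not reset the timer.
            return False
        self.last_start[userid] = now
        return True


def replay(events, min_interval=ROBOT_REJECT_SECONDS):
    """Replay (seconds, userid) session-start attempts in time order."""
    gate = SessionGate(min_interval=min_interval)
    return [(t, uid, gate.try_start(uid, t)) for t, uid in sorted(events)]


def summarize(decisions):
    """Count (started, rejected) session starts per userid."""
    summary = {}
    for _, uid, ok in decisions:
        started, rejected = summary.get(uid, (0, 0))
        summary[uid] = (started + ok, rejected + (not ok))
    return summary


# Constructed sample: a page-capture tool ("crawler") opening five threads at
# once, an ordinary user ("alice") logging in twice a minute apart, and a
# robot ("indexer") that opens one session and reuses it.
SAMPLE_EVENTS = [
    (0.0, "crawler"), (0.2, "crawler"), (0.4, "crawler"),
    (0.6, "crawler"), (0.8, "crawler"),
    (3.0, "alice"), (63.0, "alice"),
    (5.0, "indexer"),
    (10.0, "crawler"),  # exactly 10 s after the first accepted start
]

if __name__ == "__main__":
    for uid, (started, rejected) in summarize(replay(SAMPLE_EVENTS)).items():
        print(f"{uid}: {started} started, {rejected} rejected")
```

Only the multi-threaded capture tool is throttled; the human user and the single-session robot never reach the limit.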
In keeping with the restructuring of the Caucus CML directories, CSNAP has a new "-i interface" option, which allows the site administrator running CSNAP to specify the default interface. The primary effect of this is to make sure the CSNAP'd center page knows about interface-specific changes. See the file ~/CML/CSNAP44/main/csnap.cml for details.
The manager option "Produce User Reports" now includes in its report the date and time a user first registered with Caucus. (Only applies if the person registered using the 4.4 software, otherwise the value for that field will be empty.)
https and SSL
Caucus 4.4 makes it much easier to use https (and thus SSL). You can choose either http or https as your default Caucus-wide protocol, or you can make specific interfaces (CML directories) use http or https. See the Caucus How-To Using https for more details.