What's new

This release fixes a series of security vulnerabilities affecting VOMS Admin 2.5.3 and some other bugs.

The vulnerabilities are described in this SVG advisory: https://wiki.egi.eu/wiki/SVG:Advisiory-SVG-2011-505

Main changes

Tomcat deployment configuration changes

In order to avoid race conditions in tomcat at VO startup time, the tomcat deployment configuration has been changed. For these changes to take effect this procedure must be followed (only when upgrading an existing gLite 3.2 VOMS installation):

1. After VOMS rpms have been updated, stop the voms and voms-admin services using the following command: service gLite stop
2. Remove the voms-admin webapp directories in $CATALINA_HOME/webapps, i.e. the vomses and voms#VO_NAME directories in there.
3. Stop tomcat
4. Cleanup the tomcat work directory, i.e. remove all the contents of the $CATALINA_HOME/work directory.
5. Launch YAIM to reconfigure your VOMS node.

VOMS Admin now provides a way to manage unconfirmed user VO registration requests

When a user registers with a VO, an email with a confirmation code is sent to authenticate the email used for the registration. The verification of the email is needed in order to proceed in the registration. Now it's possible to see and potentially drop registration requests that have been submitted by users but are not yet confirmed. This feature is useful to handle cases in which users have entered a wrong email address in the registration form and cannot proceed with the registration since they will never receive the confirmation code.

Check connectivity method in voms-db-deploy.py utility

voms-db-deploy.py now offers a check connectivity method that can be used to test connectivity to the database.