***********************************
*           XWHEP-7.0.0           *
*---------------------------------*
* Release date : Nov 3rd, 2010    *
* Author : Oleg Lodygensky        *
*          lodygens@lal.in2p3.fr  *
***********************************



-Introduction-

Since there are a lot of corrections and new features, this version in a few works:
* worker can now manage as many simultaneous jobs as available CPUs
* worker under Mac OS X is fully sandboxed to ensure volunteer integrity
* full usage of X509 certificate
* client GUI restored




-A- Corrections

-A.1- on client side, a bug corrected when creating object from XML file
      (using '--xwxml' command line paramter)
-A.2- logger rewritten
-A.3- a bug corrected in cache; it now uses URI as key
-A.4- the bridge registers only once
-A.5- standard users can retrieve their own works, datas and tasks
      Advanced privileges are needed to retrieve all works, datas or tasks
      This aims to improve scalability by decreasing amount of unecessary communications.
-A.6- a bug corrected on client side : some problems occured on file access
      if two users were using the same client config file.
      (e.g. 'sudo xwworks' followed by 'xwworks'...)
-A.7- on worker side, concurrent file acces problems corrected
      the worker can then now manage several simultaneous jobs
      (min = 1; max = amount of detected CPUs)
-A.8- client GUI simplified and functionnal


-B- New features

-B.0- on worker side, introducing the Apple sandbox usage
-B.1- full usage of X509 certificates : credentials can be either login/password or X509 ceritifcate.
      The X509_USER_PROXY environment variable must be set before using the client.
      In conjonction with XtremWeb-HEP, users are encouraged to use jlite by Oleg Sukhoroslov - http://code.google.com/p/jlite .
      The X509_USER_PROXY may contain an X509 proxy as well as an X509 certificate "only".
      This makes no difference to connect to XWHEP server.
      But an X509 proxy allows EGEE ressources usage, whereas an X509 certificate don't.
      This is transparent for the end user. Ressource usage is still on best effort mode.
      The X509_CERT_DIR variable must be set in server config file and points to the directory of CA certificates.
      The server validates certificates through its known certificate paths created from X509_CERT_DIR.
      This clearly means that self signed user certificates are not allowed.
      Users with an X509 certificate that can be validated through the XW server CA cert paths
      are automatically registered with STANDARD_USER user rights.
      While users using login/password still need to be registered by the XW administrator.
-B.2- introducing _history tables to decrease production tables sizes
      by moving row beeing deleted into _history tables
-B.3- introducing more logging levels (FINEST, CONFIG) to decrease debug outputs (for Gilles ;) )
-B.4- in prevision of a new improved DG QoS, database now stores (but this is not used yet)
	- amount of pending, running and erroneus jobs per application
	- amount of pending, running and erroneus jobs per worker
	- amount of pending, running and erroneus jobs per user
	- usedcputime per user
	- webpage per application
	- webpage per usergroup
-B.5- new columns in hosts table
        - totaltmp : total space available in the partition used by the worker
	- freetmp  : free  space available in the partition used by the worker
	- poolworksize : the amount of job the worker can run simultaneously
	- sgid : Service Grid Identifier
	  sgid : this deprecates pilotjob field (even if it is still used for the moment)
	  sgid is automatically set by worker from System.getenv("GLITE_WMS_JOBID")
	  this can still be faked by a malicious (just as "pilotjob" field is)
	  but the monitoring has the opportunity to check if this is a valid SGID or not
	  which was not the case with the field "pilotjob"
-B.6- the client accepts a new parameters : "--xwshell" that instanciates a daemon client.
	This daemon accept incoming connections on port 4327 and forwards received XMLRPCCommand
	to the server (and sends answers back).
       This specifically aims to improve bridges performances.
-B.7-  worker accessrights reflects confinement 
       * a public  worker has a 0X755 accessrights
       * a group   worker has a 0X750 accessrights
       * a private worker has a 0X700 accessrights
-B.8- a new REST interface.
	User can now connect to server through HTTPS, port 4326

	Example :
	To retrieve work UIDs
	http://an_xwhep_server:4326/?xwcommand=<getworks><user login="a_valid_user_account" password="a_valid_user_password" /></getworks>
	This gets :
	   <xwhep>
	     <XMLVector SIZE="1257">
	       <XMLVALUE type="xtremweb.common.UID" value="0d27d68e-5534-4f48-b568-ec54a1d0dbc3"/>
	       <XMLVALUE type="xtremweb.common.UID" value="759d336b-f8fb-43df-a05d-cd503e"51a4"/></XMLVector></xwhep>
		...
	     </XMLVector>
	   </xwhep>

	Then to retreive a given work
	http://an_xwhep_server:4326/?xwcommand=<get uri="http://an_xwhep_server:4326/16dc777f-cb6a-44a3-96de-9ef7d35ffe44"><user login="a_valid_user_account" password="a_valid_user_password" /></get>
	This gets :
	   <xwhep>
		<work uid="359b4dc6-7c12-470d-af59-7a0d87b19602" isservice="false" isdeleted="false" appuid="dfccc275-bf20-43db-93ba-28cdd4270570" useruid="0d27d68e-5534-4f48-b568-ec54a1d0dbc3" accessrights="0x755" status="COMPLETED" returncode="0" cmdline="" dirinuri="xw://an_xwhep_server:4321/1b5a2656-a18c-43e9-b339-5731758275d2" resulturi="xw://an_xwhep_server:4321/a46e4350-d3f4-4b8d-9e3b-4b62f0d400db" arrivaldate="2010-09-30 21:02:11" completeddate="2010-09-30 21:30:07" sendtoclient="false" local="true" active="true" replicated="false" maxretry="0" minmemory="0" mincpuspeed="0"/>
	   </xwhep>
-B.9- introducing intel itanium for linux


-C- Known Bugs

-C.1- Result download errors reported using 'xwdownload', but not with 'xwresult'
  We have not been able to reproduce them
  If you encounter these, please send us log file in DEBUG mode
-C.2- xtremweb.gmond.pl does not scale
-C.3- windows 7 not supported
-C.4- the scheduler is not fair


- Versionning -

Versionning is as follow
	- X is a major part of the version
	- Y is a minor part of the version
	- Z is the micro part of the version

(*) X reports a very important change : for example the communication protocol changes or a major new feature is modified/introduced/removed
When X changes, backward compatibility is not ensured

(*) Y reports a important but not critical change : backward compatibility is ensured

(*) Z reports a minor change : bug correction, documentation changes etc.