I think so. Similarly, I noticed that validation responses do not implement support for attributes authenticationDate and memberOf. I'd think that these needs to be present in the final response when available to implement full protocol support for attributes per Appendix A.
Misagh ----- Original Message ----- From: "Robert Oschwald" <[email protected]> To: [email protected] Sent: Friday, January 10, 2014 1:07:11 AM Subject: [cas-dev] RememberMe attribute in validate response In SAML10SuccessResponseView, isFromNewLogin() is always evaluated. So when RememberMe is enabled, the longTermAuthenticationRequestTokenUsed attribute is set automatically on a Remembered login. Shouldn’t that also be added by default to the 3.0/casServiceValidationSuccess.jsp page? Otherwise, we need to document somewhere how to setup RememberMe in the view. As this is a security relevant attribute, I prefer to have the evaluation in by default. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
