Currently, authenticationDate, memberOf, isFromNewLogin and longTermAuthenticationRequestTokenUsed attributes are defined as optional in the schema definition Appdx A.
Maybe it would be better to mark those attributes as mandatory in the XSD schema, so we do not have conditional attribute requirements based on features enabled in CAS. Robert Am 10.01.2014 um 13:18 schrieb Misagh Moayyed <[email protected]>: > I think so. Similarly, I noticed that validation responses do not implement > support for attributes authenticationDate and memberOf. I'd think that these > needs to be present in the final response when available to implement full > protocol support for attributes per Appendix A. > > Misagh > > > From: "Robert Oschwald" <[email protected]> > To: [email protected] > Sent: Friday, January 10, 2014 1:07:11 AM > Subject: [cas-dev] RememberMe attribute in validate response > > In SAML10SuccessResponseView, isFromNewLogin() is always evaluated. > So when RememberMe is enabled, the longTermAuthenticationRequestTokenUsed > attribute is set automatically on a Remembered login. > > Shouldn’t that also be added by default to the > 3.0/casServiceValidationSuccess.jsp page? > Otherwise, we need to document somewhere how to setup RememberMe in the view. > As this is a security relevant attribute, I prefer to have the evaluation in > by default. > > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev > > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
