opened CAS-1413
Am 10.01.2014 um 13:48 schrieb Robert Oschwald <[email protected]>: > Currently, authenticationDate, memberOf, isFromNewLogin and > longTermAuthenticationRequestTokenUsed attributes are defined as optional in > the schema definition Appdx A. > > Maybe it would be better to mark those attributes as mandatory in the XSD > schema, so we do not have conditional attribute requirements based on > features enabled in CAS. > > Robert > > Am 10.01.2014 um 13:18 schrieb Misagh Moayyed <[email protected]>: > >> I think so. Similarly, I noticed that validation responses do not implement >> support for attributes authenticationDate and memberOf. I'd think that these >> needs to be present in the final response when available to implement full >> protocol support for attributes per Appendix A. >> >> Misagh >> >> >> From: "Robert Oschwald" <[email protected]> >> To: [email protected] >> Sent: Friday, January 10, 2014 1:07:11 AM >> Subject: [cas-dev] RememberMe attribute in validate response >> >> In SAML10SuccessResponseView, isFromNewLogin() is always evaluated. >> So when RememberMe is enabled, the longTermAuthenticationRequestTokenUsed >> attribute is set automatically on a Remembered login. >> >> Shouldn’t that also be added by default to the >> 3.0/casServiceValidationSuccess.jsp page? >> Otherwise, we need to document somewhere how to setup RememberMe in the >> view. >> As this is a security relevant attribute, I prefer to have the evaluation in >> by default. >> >> >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-dev >> >> >> -- >> You are currently subscribed to [email protected] as: >> [email protected] >> To unsubscribe, change settings or access archives, see >> http://www.ja-sig.org/wiki/display/JSG/cas-dev > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
