> The condition reads: > > If the principals are not equal and the authentication attributes > (metadata) are equal, throw an exception.
Read that wrong. Correct logic: if both principal and authentication attributes are not equal throw. I convinced myself after reviewing tests that we don't want to consider authentication attributes in this case, which is the approach I took in the patch in this pull: https://github.com/Jasig/cas/pull/416 M -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
