On Fri, Nov 16, 2012 at 9:56 AM, Marvin Addison <marvin.addi...@gmail.com> wrote: > >> > The SAML validation should be part of the spec, but marked optional as >> > we >> > decided some times ago. Making SAML optional makes me wonder about the >> > SAML >> > validation in CAS client : make it optional also ? split the CAS client >> > in >> > multiple specific clients ? >> >> Personally, I think we should defer any SAML discussion to the SAML >> spec. I'm also in favor of deprecating the SAML1.1 end-points in >> favor of the new CAS+attributes payload. > > > We were tending toward consensus with the plan to factor SAML support into a > separate (i.e. optional) module. I'd recommend avoiding extreme options like > deprecation in favor of the existing plan that's already widely agreed upon.
I'm certainly in favor of making it optional. I also think it is important to be very clear just what "SAML support" really means in this case. The SAML1.1 XML format ticket validation response starts to not make much sense once attributes are in the normal CAS payload. Deprecating it in 4.0 and the dropping it from the suite at some point the future will lead to no loss of functionality and would reduce the maintenance burden on the server and all the clients. Best, Bill -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
