On Mon, Apr 8, 2013 at 4:53 PM, Marvin Addison <marvin.addi...@gmail.com> wrote: >> I'm hopeful that client devs were already >> aware of the changes and that two weeks would be enough for anyone who >> hasn't yet reviewed the draft. > > I would hope the same, but we should not act on assumptions in this case. > >> The biggest issue for clients is the potential for the optional cas >> attributes to show up in validate response. Most (all?) of them >> already handle this case? > > I can say for certain the XML parsing in mod_auth_cas is very > sensitive to changes. That is a hugely important client we do _not_ > want to break for 4.0. I would recommend we work off explicit feedback > instead of assumptions, which may require reaching out to client > maintainers and having them test against an RC. That sounds like a > time-consuming process, but one we should invest in.
I agree backward compatibility is a must for the validation response. Actually supporting attributes I would argue is not. mod_auth_cas already does not support a number of CAS features per the README...SLO being one of them. Given the prevalence of the attribute customization, I'll actually be surprised if this is an issue, but we can test that once we're in RC, and Unicon can commit to addressing it if it's an issue. Best, Bill > > M > > -- > You are currently subscribed to cas-dev@lists.jasig.org as: wgt...@gmail.com > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-dev -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
