I think so. Similarly, I noticed that validation responses do not implement support for attributes authenticationDate and memberOf. I'd think that these needs to be present in the final response when available to implement full protocol support for attributes per Appendix A.
Misagh ----- Original Message ----- From: "Robert Oschwald" <robertoschw...@googlemail.com> To: cas-dev@lists.jasig.org Sent: Friday, January 10, 2014 1:07:11 AM Subject: [cas-dev] RememberMe attribute in validate response In SAML10SuccessResponseView, isFromNewLogin() is always evaluated. So when RememberMe is enabled, the longTermAuthenticationRequestTokenUsed attribute is set automatically on a Remembered login. Shouldn’t that also be added by default to the 3.0/casServiceValidationSuccess.jsp page? Otherwise, we need to document somewhere how to setup RememberMe in the view. As this is a security relevant attribute, I prefer to have the evaluation in by default. -- You are currently subscribed to cas-dev@lists.jasig.org as: mmoay...@unicon.net To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
