Your server-side attribute repository looks sound. > I'll be using the Saml11TicketValidationFilter on the client
That's a good start. You mentioned list emails, but have you consulted the documentation, https://wiki.jasig.org/display/CASC/Configuring+the+JA-SIG+CAS+Client+for+Java+in+the+web.xml. https://wiki.jasig.org/display/CASC/JASIG+Client+SAML+Saml11TicketValidationFilter+Example also has working example, although may not have all the filters you'd want. You should consider setting the tolerance parameter to a value greater than the default 1 second; 10s should be more than enough for most environments that have NTP time synchronization. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
