>> We have a vendor whose CAS integration instructions for a specific product >> requires us to modify casServiceValidationSuccess.jsp such that it returns >> attributes instead of using /samlValidate. Has anyone else had a request >> like this? > > We've had even worse -- the Sungard/Banner integration requires an > integration library that exposes an entirely new service validation > endpoint that speaks some proprietary XML.
This is another Sungard/Banner product that really should either use SAML or the new service validator, but doesn't :-/. > >> If so, what has your response been? > > We followed the vendor instructions because it was required for > integration. We did try to shame them for not using the existing SAML > 1.1 support, but I doubt it worked. On the other hand I hear they're > moving to SAML. That's what I'm afraid were going to have to do. I guess there's no real security risks because any service that will see this could also do a SAML request... > >> We would really prefer to request that they fix their application than make >> changes to CAS for this. > > I hope you'll collaborate with your vendor to make the requisite > changes. If you're a valuable customer/partner, then you may be > successful to the benefit of yourself and others. It's definitely the > high road and one worth taking even if it ends in a dead end. We have a ticket in, but I'm not sure it's going to do much good. Thanks for the input. P.S. - I work with Norman in case you're wondering why I'm responding. > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
