On Fri, Dec 16, 2011 at 11:48 AM, Marvin Addison <[email protected]> wrote: >> enhancing the serviceValidate and proxyValidate responses to include the >> user attributes as additional XML elements does not break CAS client >> library's parsing of the response > > I suppose my wording was poor. I meant break in terms of protocol > specification not software processing. You're correct that nothing > breaks, but it's simply a fact that most clients have to be modified > to handle attributes in the CAS 2.0 protocol response. Why go to the > trouble when SAML is supported out of the box by all the major clients > and is a standard besides?
Flexibility and the.opportunity to do the simplest thing that might work. As Andrew noted above some CAS integration scenarios already require attributes in the CAS payload. The SAML1.0 CAS response document is standards based as far as that goes. However, the interaction is not a SAML profile such that it would interop out of the box with some other non CAS SAML endpoint. The HE SAML community has moved on to SAML2 and all the profiles it prescribes. It's hard to see the benefits of continuing the support of the SAML1.0 CAS endpoint if attributes were available in the CAS protocol. Perhaps it's time for CAS Protocol 2.1. Best, Bill -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
