On Tue, Dec 20, 2011 at 12:58 PM, William G. Thompson, Jr. <[email protected] > wrote:
> On Fri, Dec 16, 2011 at 11:48 AM, Marvin Addison > <[email protected]> wrote: > >> enhancing the serviceValidate and proxyValidate responses to include > the user attributes as additional XML elements does not break CAS client > library's parsing of the response > > > > I suppose my wording was poor. I meant break in terms of protocol > > specification not software processing. You're correct that nothing > > breaks, but it's simply a fact that most clients have to be modified > > to handle attributes in the CAS 2.0 protocol response. Why go to the > > trouble when SAML is supported out of the box by all the major clients > > and is a standard besides? > > Flexibility and the.opportunity to do the simplest thing that might > work. As Andrew noted above some CAS integration scenarios already > require attributes in the CAS payload. > > The SAML1.0 CAS response document is standards based as far as that > goes. However, the interaction is not a SAML profile such that it > would interop out of the box with some other non CAS SAML endpoint. > The HE SAML community has moved on to SAML2 and all the profiles it > prescribes. It's hard to see the benefits of continuing the support > of the SAML1.0 CAS endpoint if attributes were available in the CAS > protocol. > > Perhaps it's time for CAS Protocol 2.1. > Or one of the standard protocols that people are using these days (SAML2, OpenID2, etc.) Cheers, Scott > > Best, > Bill > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
