[keycloak-dev] Keycloak's SAML AuthnResponse uses wrong binding

John Dennis jdennis at redhat.com
Thu Apr 21 19:57:04 EDT 2016 

On 04/18/2016 09:28 AM, Bill Burke wrote:
> Its spec compliance, a quick fix, and makes things simpler.

Sorry for the delay in responding, I was out on PTO.

Thank you for making the change.

Spec compliance should always be a priority.

>
> On 4/18/2016 9:26 AM, Stian Thorgersen wrote:
>> We're way past feature freeze and need to carefully consider including
>> more changes for 1.9.x.
>>
>> Unless this is required, which from my understanding it's not, we
>> create a JIRA issue for 2.x and post-pone.
>>
>> On 18 April 2016 at 15:03, Pedro Igor Silva <psilva at redhat.com
>> <mailto:psilva at redhat.com>> wrote:
>>
>>     +1
>>
>>     ----- Original Message -----
>>     From: "Bill Burke" <bburke at redhat.com <mailto:bburke at redhat.com>>
>>     To: "Pedro Igor Silva" <psilva at redhat.com <mailto:psilva at redhat.com>>
>>     Cc: "John Dennis" <<mailto:jdennis at redhat.com>jdennis at redhat.com>,
>>     keycloak-dev at lists.jboss.org
>>     <mailto:keycloak-dev at lists.jboss.org>, "Nathan Kinder"
>>     <nkinder at redhat.com <mailto:nkinder at redhat.com>>
>>     Sent: Monday, April 18, 2016 9:47:43 AM
>>     Subject: Re: [keycloak-dev] Keycloak's SAML AuthnResponse uses
>>     wrong binding
>>
>>
>>
>>     On 4/18/2016 7:23 AM, Pedro Igor Silva wrote:
>>     >> IMO, what the bug fixes should be are:
>>     >> * Make sure "Force POST Binding" is on by default (High Priority)
>>     > As John pointed out ...
>>     >
>>     > Don't you think that in 2.0 you can just do POST and remove that
>>     "Force POST Binding" switch ?
>>
>>     I would just do it now.  It is a easy fix and makes configuration that
>>     much simpler.  If you agree I'll just change it.
>>
>>     --
>>     Bill Burke
>>     JBoss, a division of Red Hat
>>     http://bill.burkecentral.com
>>
>>     _______________________________________________
>>     keycloak-dev mailing list
>>     keycloak-dev at lists.jboss.org <mailto:keycloak-dev at lists.jboss.org>
>>     https://lists.jboss.org/mailman/listinfo/keycloak-dev
>>
>>
>
> --
> Bill Burke
> JBoss, a division of Red Hat
> http://bill.burkecentral.com
>
>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
>


-- 
John

More information about the keycloak-dev mailing list