<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Its spec compliance, a quick fix, and makes things simpler.<br>
<br>
<div class="moz-cite-prefix">On 4/18/2016 9:26 AM, Stian Thorgersen
wrote:<br>
</div>
<blockquote
cite="mid:CAJgngAet4DVjAiaWPLdgZZXmu7aUs=x_8PNhv99uiabfor_6dA@mail.gmail.com"
type="cite">
<div dir="ltr">We're way past feature freeze and need to carefully
consider including more changes for 1.9.x.
<div><br>
</div>
<div>Unless this is required, which from my understanding it's
not, we create a JIRA issue for 2.x and post-pone.</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On 18 April 2016 at 15:03, Pedro Igor
Silva <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:psilva@redhat.com" target="_blank">psilva@redhat.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">+1<br>
<span class="im HOEnZb"><br>
----- Original Message -----<br>
From: "Bill Burke" <<a moz-do-not-send="true"
href="mailto:bburke@redhat.com">bburke@redhat.com</a>><br>
To: "Pedro Igor Silva" <<a moz-do-not-send="true"
href="mailto:psilva@redhat.com">psilva@redhat.com</a>><br>
</span><span class="im HOEnZb">Cc: "John Dennis" <<a
moz-do-not-send="true" href="mailto:jdennis@redhat.com"><a class="moz-txt-link-abbreviated" href="mailto:jdennis@redhat.com">jdennis@redhat.com</a></a>>,
<a moz-do-not-send="true"
href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a>,
"Nathan Kinder" <<a moz-do-not-send="true"
href="mailto:nkinder@redhat.com">nkinder@redhat.com</a>><br>
Sent: Monday, April 18, 2016 9:47:43 AM<br>
Subject: Re: [keycloak-dev] Keycloak's SAML AuthnResponse
uses wrong binding<br>
<br>
<br>
<br>
</span>
<div class="HOEnZb">
<div class="h5">On 4/18/2016 7:23 AM, Pedro Igor Silva
wrote:<br>
>> IMO, what the bug fixes should be are:<br>
>> * Make sure "Force POST Binding" is on by
default (High Priority)<br>
> As John pointed out ...<br>
><br>
> Don't you think that in 2.0 you can just do POST
and remove that "Force POST Binding" switch ?<br>
<br>
I would just do it now. It is a easy fix and makes
configuration that<br>
much simpler. If you agree I'll just change it.<br>
<br>
--<br>
Bill Burke<br>
JBoss, a division of Red Hat<br>
<a moz-do-not-send="true"
href="http://bill.burkecentral.com" rel="noreferrer"
target="_blank">http://bill.burkecentral.com</a><br>
<br>
_______________________________________________<br>
keycloak-dev mailing list<br>
<a moz-do-not-send="true"
href="mailto:keycloak-dev@lists.jboss.org">keycloak-dev@lists.jboss.org</a><br>
<a moz-do-not-send="true"
href="https://lists.jboss.org/mailman/listinfo/keycloak-dev"
rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-dev</a><br>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Bill Burke
JBoss, a division of Red Hat
<a class="moz-txt-link-freetext" href="http://bill.burkecentral.com">http://bill.burkecentral.com</a></pre>
</body>
</html>