[ https://issues.jboss.org/browse/ELY-457?page=com.atlassian.jira.plugin.sy... ] Jan Kalina updated ELY-457: --------------------------- Comment: was deleted (was: Sorry, edit: I has bad understood the RFC, the IdP sends authentication statement to the browser/sasl client, which sends it into sasl sever over sasl. There should be no problem in such case... {panel} in the form of an authentication statement or failure, using an indirect response via the client browser or the handler (and with an external browser, client control should be passed back to the SASL client). {panel}) -- This message was sent by Atlassian JIRA (v7.5.0#75005)