Re: [keycloak-dev] Keycloak's SAML AuthnResponse uses wrong binding

Its spec compliance, a quick fix, and makes things simpler.

On 4/18/2016 9:26 AM, Stian Thorgersen wrote: > We're way past feature freeze and need to carefully consider including > more changes for 1.9.x. > > Unless this is required, which from my understanding it's not, we > create a JIRA issue for 2.x and post-pone. > > On 18 April 2016 at 15:03, Pedro Igor Silva <psilva(a)redhat.com > <mailto:psilva@redhat.com>> wrote: > > +1 > > ----- Original Message ----- > From: "Bill Burke" <bburke(a)redhat.com <mailto:bburke@redhat.com>> > To: "Pedro Igor Silva" <psilva(a)redhat.com <mailto:psilva@redhat.com>> > Cc: "John Dennis" <<mailto:jdennis@redhat.com>jdennis@redhat.com>, > keycloak-dev(a)lists.jboss.org > <mailto:keycloak-dev@lists.jboss.org>, "Nathan Kinder" > <nkinder(a)redhat.com <mailto:nkinder@redhat.com>> > Sent: Monday, April 18, 2016 9:47:43 AM > Subject: Re: [keycloak-dev] Keycloak's SAML AuthnResponse uses > wrong binding > > > > On 4/18/2016 7:23 AM, Pedro Igor Silva wrote: > >> IMO, what the bug fixes should be are: > >> * Make sure "Force POST Binding" is on by default (High Priority) > > As John pointed out ... > > > > Don't you think that in 2.0 you can just do POST and remove that > "Force POST Binding" switch ? > > I would just do it now. It is a easy fix and makes configuration that > much simpler. If you agree I'll just change it. > > -- > Bill Burke > JBoss, a division of Red Hat > http://bill.burkecentral.com > > _______________________________________________ > keycloak-dev mailing list > keycloak-dev(a)lists.jboss.org <mailto:keycloak-dev@lists.jboss.org> > https://lists.jboss.org/mailman/listinfo/keycloak-dev > > -- Bill Burke JBoss, a division of Red Hat http://bill.burkecentral.com _______________________________________________ keycloak-dev mailing list keycloak-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-dev