I found a couple minor issues with the Jetty binding while testing it with Windows Azure Active Directory:

1) Jetty Binding is always forcing SAML AuthN for all requests even if authentication is not mandatory

2) in SPFormAuthenticator.register(..) There is a null check to see if user has already been authenticated but Jetty will never provide a null value.It will most likely be Authentication.NOT_CHECKED

3) After successful SAML response validation SPFormAuthenticator redirects the user to the original request URL but it does not return an Authentication object that signals to Jetty that the request has been processed so Jetty continues the invocation chain causing a response comitted exception.

Please see github pull request for suggested enhancements.