Skip to content
This repository has been archived by the owner on Oct 12, 2020. It is now read-only.

Add session metadata attributes to serviceValidate response #3

Open
Doccrazy opened this issue Feb 5, 2017 · 0 comments
Open

Add session metadata attributes to serviceValidate response #3

Doccrazy opened this issue Feb 5, 2017 · 0 comments

Comments

@Doccrazy
Copy link
Owner

Doccrazy commented Feb 5, 2017

The following attributes concerning session metadata are mentioned in some parts of the CAS spec, but omitted in others:

  • authenticationDate: Date of user authentication to CAS server
  • longTermAuthenticationRequestTokenUsed: True if remember-me authentication was used (should always be false as Keycloak does not support remember-me)
  • isFromNewLogin: True if interactive login was performed, false for cookie login

Example serviceValidate XML section:

<cas:attributes>
    <cas:authenticationDate>2015-11-12T09:30:10Z</cas:authenticationDate>
    <cas:longTermAuthenticationRequestTokenUsed>true</cas:longTermAuthenticationRequestTokenUsed>
    <cas:isFromNewLogin>true</cas:isFromNewLogin>
    <cas:myAttribute>myValue</cas:myAttribute>
    [...]
</cas:attributes>

There is no JSON example in the spec.

CAS specification link: https://apereo.github.io/cas/5.0.x/protocol/CAS-Protocol-Specification.html#saml-cas-response-attributes (Appendix A)

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

No branches or pull requests

1 participant