Bugs fixed
- Supports CORS requests to the /requests REST API to enable web-based clients to use the authentication functionality.
- SAML requests would fail if key file contained attribute values before the encapsulation boundary ("keyInfo is not in PEM format or in base64 format").