|
|
|
When specifying an XPath expression to identify a SAML assertion attribute that specifies the user identity for WS‑Security authentication in the Attribute Name/XPATH field, you may need to strip standard prefixes to return the attribute value itself. The XPath substring-after function provides a standard method to perform this operation.
For example, consider a SAML assertion created by the CA SiteMinder SAML Assertion Generator. This assertion contains an attribute “username” that specifies the user identify that you want to use for authentication in the following format:
header:uid=username
To remove the unwanted prefix, “header:uid=”, use the XPath substring-after function in the XPath query in which you specify the target attribute. For example the following Xpath query will return “username” rather than the whole string “header:uid=username”:
substring-after(//SMprofile/NVpair[1]/text(),"header:uid=")
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |