Federation Guides › Partnership Federation Guide › Open Format Cookie Details
Open Format Cookie Details
The federation open format cookie lets applications assert user attributes to CA SiteMinder® and consume user attributes that CA SiteMinder® encapsulates. The open format cookie has the following general characteristics:
- The cookie is accessible by applications written in any programming language.
- The cookie content consists of a string of UTF-8 bytes, which supports international character sets.
- The combined size in UTF-8 bytes of each name/value pair precedes the name/value pair.
- Space characters are added for legibility.
- The cookie is simple to parse and easily extensible.
Important! If the cookie contains any unsafe characters such as '=', enclose the value in double quotes. You can specify this option through the user interface, or through the SDK.
The open format cookie contains the following property information:
- Cookie Version
- Name ID
- Name ID Format
- Session ID
- AuthnContext
- UserDN (same as User ID)
The following diagram shows the open format:
Key:
- Ver — the cookie format version; for CA SiteMinder Federation r12.1, this value is 1.
- Sp — an ASCII space character, used only to improve readability.
- Properties — information about the principal.
- Attributes — SAML attributes from the Assertion
- Cnt — the number of name value pairs that follow, represented in ASCII.
- Sz — the length of the name or value that follows
- ValCnt — the number of attribute values that follow. For CA SiteMinder Federation r12.1, multiple values for an attribute are not supported. Set this value to 1.
The Backus-Naur Form (BNF) for this format is following (0* means 0 or more; 1* means at least 1).
- DIGIT = ASCII digit (0 through 9)
- CHAR = UTF-8 character
- Sp = ASCII space (character 32)
- Token = 1*CHAR
- Cookie = Version Sp Properties Attributes
- Version = 1*DIGIT
- Cnt = 1*DIGIT
- Properties = Cnt 1*PPair
- Attributes = Cnt 0*APair
- ValCnt = 1*DIGIT
- PPair = Sz Sp Name Sp Sz Sp Value
- APair = Sz Sp Name Sp ValCnt Sp Sz Sp Value
- Sz = 1*DIGIT
- Name = Token
Value = Token
Contents of the Open Format Cookie
The federation open format cookie lets applications assert user attributes to CA SiteMinder® and consume user attributes that CA SiteMinder® encapsulates. The open format cookie has the following general characteristics:
- The cookie is accessible by applications written in any programming language.
- The cookie content consists of a string of UTF-8 bytes, which supports international character sets.
- The combined size in UTF-8 bytes of each name/value pair precedes the name/value pair.
- Space characters are added for legibility.
- The cookie is simple to parse and easily extensible.
Important! If the cookie contains any unsafe characters such as '=', enclose the value in double quotes. You can specify this option through the user interface, or through the SDK.
The open format cookie contains the following property information:
- Cookie Version
- Name ID
- Name ID Format
- Session ID
- AuthnContext
- UserDN (same as User ID)
The following diagram shows the open format:
Key:
- Ver — the cookie format version; for CA SiteMinder Federation r12.1, this value is 1.
- Sp — an ASCII space character, used only to improve readability.
- Properties — information about the principal.
- Attributes — SAML attributes from the Assertion
- Cnt — the number of name value pairs that follow, represented in ASCII.
- Sz — the length of the name or value that follows
- ValCnt — the number of attribute values that follow. For CA SiteMinder Federation r12.1, multiple values for an attribute are not supported. Set this value to 1.
The Backus-Naur Form (BNF) for this format is following (0* means 0 or more; 1* means at least 1).
- DIGIT = ASCII digit (0 through 9)
- CHAR = UTF-8 character
- Sp = ASCII space (character 32)
- Token = 1*CHAR
- Cookie = Version Sp Properties Attributes
- Version = 1*DIGIT
- Cnt = 1*DIGIT
- Properties = Cnt 1*PPair
- Attributes = Cnt 0*APair
- ValCnt = 1*DIGIT
- PPair = Sz Sp Name Sp Sz Sp Value
- APair = Sz Sp Name Sp ValCnt Sp Sz Sp Value
- Sz = 1*DIGIT
- Name = Token
- Value = Token
Copyright © 2015 CA Technologies.
All rights reserved.
|
|