Previous Topic: Federation Web Services Cannot Decode SMSESSION Cookie on Tomcat (129196)Next Topic: Trace Message for Redirect Mode Displays Incorrect Text (100214)

Release NotesFederation Security Services Release NotesFixes in r12 SP3Mutli-value Assertion Attributes Not Handled Properly (124560)

Mutli-value Assertion Attributes Not Handled Properly (124560)

Symptom:

Sending LDAP attributes with more than one value was not properly handled by SiteMinder for SAML 2.0 and WS-Federation protocols. The attributes were separated by a caret ('^') in the assertion instead of being treated as separate elements.

Solution:

When you configure assertion attributes in the UI, place the prefix FMATTR: in front of the attribute name, each attribute value becomes a separate <AttributeValue> element in the assertion.

The Federation Security Services Guide contains specific configuration instructions.

STAR Issue: 19685750-1