Release NotesFederation Security Services Release NotesDefects Fixed in the Policy Server 6.0 SP5 Option PackFixes for Policy Server 6.0 SP5 Option Pack › No Mechanism to Sign Attribute Query Requests and Responses (85124)

Previous Topic: SAML Parser Error Occurs When Consuming a SAML 1.1 Assertion with Special Characters (85642)

Next Topic: SiteMinder Rejects Assertion if <NameIdentifier> Element is Embedded in the <SubjectConfirmation> Value (51696)
No Mechanism to Sign Attribute Query Requests and Responses (85124)

Symptom:

Federation Security Services does not provide any mechanism to sign Attribute Query requests and corresponding Attribute Query responses.

Solution:

Federation Security Service now provides an option to sign Attribute Query and the corresponding SAML response. A check box has been added to the Attributes tab of the SAML 2.0 Auth Scheme that enables singing of Attribute Query requests. Also, a Require Signed Attribute Query checkbox has been added to the Attribute Svc tab of the Service Provider to specify that the IdP can accept only signed Attribute Query requests.

STAR Issue: 17549677