Release NotesFederation Security Services Release NotesDefects Fixed in the Web Agent 6.x QMR 3 Option PackFixes for Web Agent 6.x QMR 3 Option Pack › FWS Attribute Data is Not Propagated (41770)

Previous Topic: SAML Credential Collector Redirects Users to Incorrect Targets (40123)

Next Topic: Server Certificates with a Key Usage Extension Rejected by SAML Assertion Retrieval Component (42663)
FWS Attribute Data is Not Propagated (41770)

Symptom:

The Federation Web Services (FWS) application does not propagate user attribute data if it is specified in a generic format in the SAML assertion.

Solution:

Attribute data may be propagated to target applications. In 302 - cookie data redirect mode, Federation Web Services issues a cookie for each generic attribute in a SAML assertion. In server side redirect mode, Federation Web Services passes a HashMap to the target application. The HashMap contains entries for each generic attribute in a SAML assertion; the name of the request attribute is Netegrity.AttributeInfo.

For the following assertion sample, SiteMinder can set attribute values for FirstName and LastName:

<saml:AttributeStatement>
        .
        .
        .
 <saml:Attribute AttributeName="FirstName"    AttributeNamespace="AttributeNS">
   <saml:AttributeValue>JOHN</saml:AttributeValue>
     </saml:Attribute>
 <saml:Attribute AttributeName="LastName"    AttributeNamespace="AttributeNS">
    <saml:AttributeValue>SMITH</saml:AttributeValue>
 </saml:Attribute>
</saml:AttributeStatement>