Release NotesFederation Security Services Release NotesDefects Fixed for the Web Agent 6.x QMR 2 Option PackFixes for Web Agent v6.x QMR 2 Option Pack › HTTP Response Body with Extra Characters Prevents SiteMinder from Consuming Assertions (30799)

Previous Topic: Assertions with Multiple HTTP Status Headers Are Not Consumed (34218)

Next Topic: Back-channel Cert-based Authentication Fails on IIS 5.0 (30929)
HTTP Response Body with Extra Characters Prevents SiteMinder from Consuming Assertions (30799)

Symptom:

SiteMinder fails to consume SAML assertions if the HTTP response body includes extra characters. Also, SiteMinder produces SOAP request messages with single quote instead of double quote characters, which cannot be consumed by some SAML consumers.

Solution:

Federation Web Services has been modified so that SiteMinder consumes SAML assertions with extra characters and produces SAML assertions with double quotes.