Administrative UI issue with Assertion Generator Plugin
search cancel

Administrative UI issue with Assertion Generator Plugin


Article ID: 109036


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On


We updated the cawcom_r5.1.1.jar with cawcom_r5.1.3.jar for R12.52SP1CR7 CA SSO on the Administrative UI server.

AGP plugin is not working as expected. A review of assertions using AGP before and after last week's upgrade reveal that the values are not being parsed out as expected in the assertion. In the example below, the EmployeeID should have been parsed out as W263848703 not the entire string as seen here.

<ns2:Attribute Name="EmployeeID" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">

We received a “failed to add deployment:iam_siteminder.ear" message in the logs. It doesn’t appear that the ".3.jar" version of file is available for download. Not sure if the issue is related to being on R12.52SP1CR7 now and we need a different version of the .jar file or if there was an issue with the original .jar file. How do we resolve this?

Also, subsequently, we got this while adding AGP and after activating/de-activating and then modifying the issue of the extra \ 's is present:
Pre-modify: Plug-in Class: e:\activeresponse\AssertionGeneratorPlugin\com\netegrity\assertiongenerator\AssertionGeneratorRegEx.xml
Plug-in Parameters: /"f&&ns2:Assertion&&ns2:AttributeStatement/ns2:Attribute[@Name='ClientID']/ns2:AttributeValue/text()&&FedID_XYZcorpClientID\}.*&&"

In Modify mode: Plug-in Class: e:\\activeresponse\\AssertionGeneratorPlugin\\com\\netegrity\\assertiongenerator\\AssertionGeneratorRegEx.xml
Plug-in Parameters: /"f&&ns2:Assertion&&ns2:AttributeStatement/ns2:Attribute[@Name='ClientID']/ns2:AttributeValue/text()&&FedID_XYZCorpClientID\\}.*&&"


Initial Environment:
12.52 SP01 CR06 on Win 2008

Upgraded Environment:
R12.52SP01 CR07 on Win 2012


Provided new jar file/ DevFix for DE331582 that fixed the deployment issue, as well as of  adding of additional \'s and the freezing issue when in Modify mode..

A new jar was created to fix the build issue by CA Engineering and renamed to cawcom_r5.1.1.jar so the AdminUI app server supporting code will work. In future releases, this jar build issue won't exist. This fix/change will be incorporated in future releases of R12.52SP1. But the problem doesn't exist in R12.6, R12.7, R12.8.