SAML Response shows dupllicated id

book

Article ID: 131449

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

We're Running a Policy Server, and in the Federation Journey, we see
that the SAML Responses show duplicated ID and as such the SP side
cannot consume the assertion. 

  <ns2:Assertion xmlns:ns2="urn:oasis:names:tc:SAML:2.0:assertion" 
   ID="_989cd331197cb7da92c224ca7c6467544bfd" 
   Id="_989cd331197cb7da92c224ca7c6467544bfd" 
   IssueInstant="2019-04-29T06:11:42Z" 
   Version="2.0" 
 
How can we fix this ?

Cause

   This is corrected in Policy Server 12.8SP1 :

   Defects Fixed in 12.8.01 

   01090398, 01121619, 

   01153845, 01136496, 

   01137702, 01169777 

   DE365688 

   DE371749 

   Single sign-on fails as Policy Server issues duplicate assertion IDs in an assertion. 

   https://docops.ca.com/ca-single-sign-on/12-8/en/release-notes/service-packs/defects-fixed-in-12-8-01 
 

Environment

  Policy Server 12.8SP0CR00 on RedHat 7; 
  Policy Server JDK 1.8.0_181; 
  Policy Store on CA Directory 14.0; 
  Admin UI 12.8SP1 on Windows 2012 R2 ; 
 

Resolution

  We suggest you to upgrade to the latest version 12.8SP02 in order to 
  insure to have all the latest fix including this one.