SAML features to customise authnrequest with nameid

book

Article ID: 142878

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On Agents (SiteMinder) CA Single Sign On Federation (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) SITEMINDER

Issue/Introduction

 

We're running a Policy Server in a Federation scenario and we'd like
to know how to set the NameID within the Authnrequest ? 

 

Environment

 

Policy Server 12.8SP3 on RedHat 7;

 

Resolution

 

At first glance, there's no option to include the NameID in the
Subject within an Authnrequest. In the Authnrequest is only to specify
the NameID format, and optionally allow the IdP to create the user
identifier.

You may be able to customize the Authnrequest by Customizing an
AssertionGeneratorPlugin :

  Customize Assertion Content

    Implement the AssertionGeneratorPlugin Interface
    Deploy an Assertion Generator Plug-in
    Enable the Assertion Generator Plug-in

  https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/single-sign-on/12-8-03/configuring/partnership-federation/assertion-configuration-at-the-asserting-party/customize-assertion-content.html

In order to get that functionality implemented in SiteMinder, we
invite you to submit an Enhancement Request (Idea) on the Security
page :

  1. Go to the "All Ideas" page :
     https://community.broadcom.com/ideation/allideas
  2. Click on the "Add" button.
  3. In the "Select categories...", select "Layer7 Access Management".
  4. Write a title in the "title" box.
  5. Write a complete description of the Enahcement Request or
     Certification you'd like to post.
  6. Click on "Save" to get the Idea submitted !