We're sending a User Attribute in a Response. The Attribute we use is objectGUID from Active Directory. The problem is that the browser recieves the Attribute value as an octet. This is because the Active Directory stores it as an octet.

Then, the response the browser receives from SSO in httpheader is

 GUID=)%uffdd%06%3d%uffdd%24%uffdd%40%uffddD%18A%uffdd%uffdd%03%05

How can we make this value a String ?

You have to convert the value at the Policy Server level first. We do not provide an out of the box functionality to transform an Attribute value from Octet to String. However, you can use an Active Expression as Response and put Java code that will do it for you.

Find a sample below, there are many others over the Internet:

https://stackoverflow.com/questions/10326900/how-to-convert-an-octet-string-to-readable-string

On the Policy Server side, you have to run your own code to make the transformation and send the value as a string to the browser.