Context Variable does not get a value (comes empty) into the encap assertion
Article ID: 200789
Updated On:
Products
Issue/Introduction
%%SHARED%%.request.shared.error.msg = {String} "{
"error":"ldap_exception",
"error_description":"LDAP error: Modify CA Directory Failed: user.dn: uid=triangle3112,ou=Customers,ou=Users,ou=cust,dc=CustomerT,dc=ca, accountLocked: False, accountLockedUpdated: True, -- Timed -- 10 -- 2020-09-18T21:33:59.275Z -- , javax.naming.directory.InvalidAttributeValueException: [LDAP: error code 21 - Invalid Attribute Syntax]; remaining name 'uid=triangle3112,ou=Customers,ou=Users,ou=cust,dc=CustomerT,dc=ca'."
}"
Environment
Release : 9.4
Component : API GATEWAY
Cause
1. currTimePlusExpiryMins.local.yyyyMMddHHmmssZ was set as encapsulated assertion input but not defined in parent policy, essentially giving it an empty value
2. currTimePlusExpiryMins was set inside the encapsulated assertion as a Date/Time context variable. Normally this autopopulates currTimePlusExpiryMins.local.yyyyMMddHHmmssZ
3. The empty currTimePlusExpiryMins.local.yyyyMMddHHmmssZ defined in the input overrode the correct value inside the encapsulated assertion
Something like "Warning: If you are planning to use context variables local to the encapsulated assertion, make sure that they are not defined as inputs to prevent the local variables from being overridden by the inputs"
Resolution
Needed to recreate the OTK encap assertion without the currTimePlusExpiryMins.local.yyyyMMddHHmmssZ from the list of inputs.
Feedback
