Filter expression for Agent Header Response

book

Article ID: 212189

calendar_today

Updated On:

Products

CA Single Sign On Federation (SiteMinder) CA Single Sign On Agents (SiteMinder) SITEMINDER

Issue/Introduction

We would like to set headers from a multi valued directory attribute when it only contains 2 characters.

Some might contain 3 or 4 characters, but we only want to return the headers with the attributes that contain 2 characters. For example:

LDAPAttribute contains 4 values:

LDAPAttribute = AB

LDAPAttribute = CD

LDAPAttribute = 7890

LDAPAttribute = 1234

We only want to return LDAPAttribute=AB,CD

Cause

SiteMinder documentation is not able to cover all the use case customers have, it requires the user to be familiar with JUEL, and doesn't go a whole lot in detail, and leaves it as an exercise to the reader.

Generally the expression question can be out of support scope, hence customer saw the community discussion threads.

Customer may need to seek HCL service team for further help in configuring response expressions.

Environment

Release : 12.8

Component : SITEMINDER FEDERATION SECURITY SERVICES

Resolution

Here is a configuration example:

LDAP holds 3 separate values for postalcode.

postalCode=3131

postalCode=ab

postalCode=cd

Here is web agent response expression configuration from admin ui:

postalCodeshort=<$expr="FILTER(GET("postalCode"), "??")"$>

The expression returns any 2 bytes string, character or number.

1. Make sure Variable Name has no underscore.
2. Set response cache to "recalculate value every x seconds".

Testing the application target to a header dump page, you will get:

HTTP_POSTALCODE='3131^ab^cd'
HTTP_POSTALCODESHORT='ab^cd'

HTTP_POSTALCODESHORT holds the expected values.

Additional Information

https://community.broadcom.com/communities/community-home/digestviewer/viewthread?MID=744404

Attachments

Feedback

thumb_up Yes

thumb_down No