SAML Response XML tag changes in 12.8 SP5
search cancel

SAML Response XML tag changes in 12.8 SP5

book

Article ID: 213054

calendar_today

Updated On:

Products

SITEMINDER

Issue/Introduction

After upgrading Siteminder release to 12.8 SP5, it was noticed that the SAML Response tags has been changed as seen below which is causing some of the application on the SP side to fail with xml parse issues 

 

 12.8 SP5 SAML Response tags

[04/07/2021][14:23:49][12086][140177555400448][][SSO.java][processAssertionGeneration][Received the following response from SAML2 assertion generator: SAML2Response=<ns5:Response xmlns:ns5="urn:oasis:names:tc:SAML:2.0:protocol" xmlns="http://www.w3.org/2009/xmlenc11#" xmlns:ns2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ns3="http://www.w3.org/2000/09/xmldsig#" xmlns:ns4="http://www.w3.org/2001/04/xmlenc#" Destination="https://test.example.com" ID="" IssueInstant="2021-04-07T14:23:49.021Z" Version="2.0">

 

 12.8 SP4 or lower  SAML Response tags

[04/07/2021][14:50:30][2762][140279704061696][1f253973-a62a4e79-effe6842-9caae6ea-caf5bfdc-38][SSO.java][processAssertionGeneration][Received the following response from SAML2 assertion generator: SAML2Response=<Response xmlns="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://test.example.com"  ID="" IssueInstant="2021-04-07T14:50:30Z" Version="2.0">

 

 

Environment

Release : 12.8 SP5 

Component : SITEMINDER FEDERATION SECURITY SERVICES

Resolution

The difference in 12.8.5 assertion is due to JAXB Third party library upgrade used by Siteminder .
The all XML NameSpaces  used in response are declared and XML NameSpace  prefix has been applied for all individual elements by JAXB in 12.8.5 


To Note that All these changed are per XML standards only.  


Two options should be considered to solve any issue arises from xml parsing on the SP side as follows : 

1) Customize the Assertion using the assertion generator plugin to send it in the Format you want 

2) The SAML code on the SP side to fix the parsing issue as what is being generated as per the xml standards 

Additional Information

tech doc reference: 

https://techdocs.broadcom.com/us/en/symantec-security-software/identity-security/siteminder/12-8/release-notes/Changes-to-Existing-Features/Changes-to-Existing-Features-in-12-8-05.html

Powered by Wolken Software