When running Siteminder Policy Server as a Service Provider (SP), how to pass the SAMLResponse by header and cookies to the backend application server?

The requirement is to fetch assertion attributes sent in SAML 2.0 assertion token and place this as either HTTP header variable or cookie variable to use this value at the application side for validation.

There are 2 ways to pass the Assertion Values to HTTP Headers back server.

1 without the Session Store, and the other with a Session Store (1).

About the "HTTP Header Redirect Mode", when using RelayState having a target URL as a value, this probably won't work (2).

The Session Store allows the Policy Server to retrieve the Assertion Attribute value each time it's needed, usually at isAutorized processing.

1. Know Why : HTTP Header Redirect Mode OR Persist Variables???
   
   
2. Attributes Send to SP in SAML Assertion also need to be sent as HTTP Header Variables