Force Upper/Lower Case in NameID/Assertion Attributes

book

Article ID: 37378

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Introduction: 

Force Upper/Lower Case in NameID/Assertion Attributes

Question: 

Some of our partners use a case sensitive username. Unfortunately, the Name ID we send in the SAML assertion, coming from the Active Directory user directory, is in mixed case. And often times, the database of usernames the vendor does not match the same mixed case as in Active Directory/LDAP (and thus the SAML Name ID in the assertion).

Is there an easy way to force the Name ID/Assertion Attributes being sent in a SAML 2.0 HTTP Browser POST binding to always be upper or lower case, regardless of what is in the AD User Directory?

Environment:  

R12.0 SP2/SP3, R12.5, R12.51, R12.52

Answer: 

Yes we can achieve the use case using UCASE/LCASE functions in an expression.

Please follow below steps.

1) Go to Infrastructure --> Directory and User directory.

2) Modify the user directory which you are using for Partnership federation.

3) Create a virtual Attribute Mapping using an expression.

For Example: name of the attribute mapping=lower_case

Expression: LCASE(uid) --> (here uid is the attribute which you are trying to fetch from the LDAP), if you want upper case, please use "UCASE"

<Please see attached file for image>

c2.PNG

 

<Please see attached file for image>

c3.PNG

4) Go to Partnership federation and click on Assertion Configuration settings.

5)

a) Enter the NameID value as "lower_case" (i.e attribute mapping name)

<Please see attached file for image>

c4.PNG

 

b) Enter the Assertion Attribute value as “lower_case" (i.e attribute mapping name)

<Please see attached file for image>

c5.PNG

 

6) Submit and activate the partnership.

Environment

Release: SOASMU99000-12.5-SOA Security Manager-Upgrade
Component:

Attachments

1558723580018000037378_sktwi1f5rjvs16wwu.png get_app
1558723578153000037378_sktwi1f5rjvs16wwt.png get_app
1558723576246000037378_sktwi1f5rjvs16wws.png get_app
1558723574280000037378_sktwi1f5rjvs16wwr.png get_app