search cancel

activeResponse error : Failed to get IIDSamlAttribute from Active Response


Article ID: 37696


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On



We are not receiving session attributes in SAML assertion and http headers after doing all the things like creating SAML 2.0 authentication scheme, set redirect mode to persist data and defined the respective rules and siteminder is acting as service provider. Still we are getting the below error:

active Response: Failed to get IIDSamlAttribute from Active response


SiteMinder versions running 12.5, 12.51, 12.52    


As the attributes seems to have been retrieved from SAML assertion and we are using session store enabled for this environment and the active response which we have created and mapped it in the policy doesn't look like getting the Session attributes derived in the active response and looks like the configuration is missing somewhere.


Please make sure that the realm should be persistent where you have mapped the SAML 2 authentication scheme.


Please note: If you want to add attributes to an assertion, please make sure that you are selecting the authentication scheme is configured to persist session attributes.


Release: ESPSTM99000-12.51-Single Sign On-Extended Support Plus