Error message "The AuthnRequest with AuthnContexts is not supported." in Siteminder 12.0 SP3 acting as SP.

Article Id: 38653

Status: Published

Updated On: 14-02-2018 07:37

Legacy Id: TEC1832259

Products:

CA Single Sign On Secure Proxy Server (SiteMinder) , AXIOMATICS POLICY SERVER , CA Single Sign On SOA Security Manager (SiteMinder) , CA Single Sign-On , CA Single Sign-On

Issue/Introduction:

Summary:

We are getting the below error when Siteminder 12.0 SP3 posts a SAML assertion.

“The AuthnRequest with AuthnContexts is not supported.”

Below is the information I got it from the product documentation. If FSS is not supported then do we have an alternative to support it?

“Federation Security Services does not support the use of the <RequestedAuthnContext> element in an AuthnRequest, but selecting this check box prevents the transaction from failing.
If this checkbox is not selected (the default) and the incoming AuthnRequest has the <RequestedAuthnContext> element in it, the transaction fails. “

Instructions:

In this case, the documentation is correct. In version 12.0 SP3, you are not able have an AuthnRequest with AuthnContexts in an SP-Initiated SAML assertion.

However, this functionality is supported in later versions of CA Single-Sign On (Siteminder), starting from version 12.52 SP1 and later.

In addition, if you choose to upgrade, this functionality also requires that you have configured persistent sessions, witch will require deployment of one or more Session Stores in your environment, to process the requests.

Environment:

Release:
Component: SMFED