SAML token generation adding #xd in new line automatically
search cancel

SAML token generation adding #xd in new line automatically

book

Article ID: 402164

calendar_today

Updated On:

Products

CA API Gateway

Issue/Introduction

After migrating to a container based gateway, one of the SAML/gen services that is used to generate a SAML token is showing a "#xd" character at the end of each line automatically. No code changes were done and is just simply being run on container based gateway hosted on Azure. Here is a sample of the response:

saml2:Assertion Version="2.0" ID="SamlAssertion-d45dfaa6add89e0fe6474c3b2d0dfa43" IssueInstant="2025-06-13T14:21:18.635Z" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"><saml2:Issuer>env.example.com</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference URI="#SamlAssertion-d45dfaa6add89e0fe6474c3b2d0dfa43"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>VfqqK5iAmGFCD22Lc0tRN4lIa3g=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>Ul1EIp1G7lt6FdOwplBVpkLlMkSqTjuKArO0txdBGz6UGl3pbELRs19ZdfOjXNlACtSyoKtL+8ba&#xd;
X7KXf/JyJ6t2fukuMx5AcO+M8aTnZw9+Zae/oqw9beYjN/2obMQw/B3xPG3YXnJ3ET70LMVmw45d&#xd;
9ra8SfjbLzmKKuLr8tFz/Z7UGVu8bSVTP0s/WKOPLGw50ZCPnUJeEXcCM8lrkzgkpAePVwEbM+fv&#xd;
Sc1FYFt3sWkgF2Llaeja4yk66wBhEq//PlBNtVmra5UC3WI+frNx95el2lLjb5POX2/RwpOz9Is6&#xd;
oiQRgxLpKvqY5eHQ8L1IQAP+JbOIrPGxzMTK6g==</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509SubjectName>CN=env.example.com,O=Company Name,L=Toronto,ST=Ontario,C=CA</ds:X509SubjectName><ds:X509Certificate>MIIFxTCCBgtgAwIBAgIQDRez5qm76KOkuLbrpj0XpTANBgkqhkiG9w0BAQsFADBNMQswCQYDVQQG&#xd;
EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMScwJQYDVQQDEx5EaWdpQ2VydCBTSEEyIFNlY3Vy&#xd;
ZSBTZXJ2ZXIgQ0EwHhcNMjQwODMwMDAwMDAwWhcNMjUwODI5MjM1OTU5WjB+MQswCQYDVQQGEwJD&#xd;
QTEQMA4GA1UECBMHT250YevzEQMA4GA1UEBxMHVG9yb250bzErMCkGt6A1UEChMiQ2FuYWRpYW4g&#xd;
SW1wZXJpYWwgQmFuayBvZiBDb21tZXJjZTEeMBwGA1UEAxMVc2l0LmludC5haHViLmNpYmMuY29t&#xd;
MIIBIjANBgkqhkiGsxBAQEFAAOCAQ8AMIIBCgKCAQEA2EkBflayzih0JluzdLxJfPIOOGTYa5/mE&#xd;
vhENqNJYQGOM8itcLHKBLCXVsNFlHHZUYTbji5xmAI7l8ZKZMQJWrVU5THiXn/5UMc870nMr9SwK&#xd;

Environment

API Gateway 11.X

Resolution

Append the system.properties file with the following parameter:

org.apache.xml.security.ignoreLineBreaks=true

This is in the system.properties file of our appliance gateways (by default). This prevents the carriage return character from being added. 

The container may need to be restarted for the change to be picked up.

Powered by Wolken Software