ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

XPath expression for Web Service Variable returning only first result


Article ID: 4460


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On


Web Service Variable is created as below :

<Please see attached file for image>


SOAP Response :

<soapenv:Envelope xmlns:soapenv="" xmlns:xsd="" xmlns:xsi="">











XPath Expression : /*/*/*/*[local-name()='Permission']/text()

If using standard XPATH 1.0/2.0 API, the above XPath Expression parse the result as :

<Please see attached file for image>



Reference :

However, for the same SOAP response and XPath combination, Policy server fetches only the first result and hence resolves this Web Service variable to value (only) "SUPERUSER"

Policy server Java Util.log

October 16, 2016 9:04:30.76 PM[17008593:AEC Variable Resolution] After resolution resolved variables: <RVARS><Var name="EmptyString" rtype="3"><![CDATA[""]]></Var><Var name="BBHWSVariable" rtype="3"><![CDATA[SUPERUSER]]></Var></RVARS> 




This is as per the policy server design and is currently the limitation. Policy server is designed to evaluate to only the first node from the list. 

The other nodes are ignored.


Policy Server : 12.52 SP1 and abovePolicy Server OS : ANY


There is no workaround/resolution for this functionality at the moment.

Customer might implement their own web service client and XML parser using the custom Active Expression.



Additional Information



1558715618570000004460_sktwi1f5rjvs16twa.jpeg get_app
1558715616252000004460_sktwi1f5rjvs16tw9.jpeg get_app