Append "@example.com" to assertion attribute in AdminUI Partnership configuration


Article ID: 46797


Products

CA Single Sign-On, CA Single Sign On Federation (SiteMinder), SITEMINDER

Issue/Introduction


How do you append "@example.com" to an attribute in the SAML assertion in the AdminUI Partnership configuration?

There is an assertion attribute called employeenumber, but the Service Provider (SP) accepts it only in the form below:

<employeenumber>@example.com

Here, "@example.com" needs to be appended to the employee number.

Add "@example.com" to the employeenumber only when the employeetype is retail; otherwise, use the mail attribute.

 

Resolution


Use GET and String concatenation functions in an expression to achieve this.

Follow the steps below:

  1. Go to Infrastructure --> Directory and User directory;
  2. Modify the user directory which you are using for Partnership federation;
  3. Create a virtual Attribute Mapping using an expression:

    To illustrate:

    name of the attribute mapping is "employee"

    Expression:

    GET(employeenumber)+""+"@example.com"

    Here, the employeenumber is the attribute that needs to be fetched from the LDAP User Directory.




  4. Go to Partnership federation and click on Assertion Configuration settings and use the same (employee) in the assertion attributes.

    Add a condition such as the following:

    Add "@example.com" to the employeenumber only when the employeetype is retail; otherwise, use the mail attribute.

    Use the expression below to achieve this:

    #{attr["employeeType"] == 'retail' ? attr["employee"] : attr["mail"]}
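One way to confirm that the partnership emits the intended value, as an added example (not part of the original article and not SiteMinder code): the Python below parses a decoded SAML 2.0 assertion and compares the attribute against the rule from the steps above. The assertion attribute name `userid`, the sample users and the sample XML are constructed assumptions; signature validation is out of scope here.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
DOMAIN = "@example.com"       # suffix appended by the virtual attribute "employee"
ASSERTION_ATTR = "userid"     # assumed name of the attribute sent to the SP

def assertion_attrs(xml_text):
    """Return {Name: first AttributeValue text} from a decoded SAML 2.0 assertion."""
    out = {}
    root = ET.fromstring(xml_text)
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        val = attr.find("saml:AttributeValue", NS)
        out[attr.get("Name")] = (val.text or "").strip() if val is not None else ""
    return out

def expected_value(user):
    """Mirror of the article's rule: retail -> employeenumber@example.com, else mail."""
    if user.get("employeeType") == "retail":
        return user.get("employeenumber", "") + DOMAIN
    return user.get("mail", "")

def check(xml_text, user):
    """Return a list of problems; an empty list means the assertion matches the rule."""
    got = assertion_attrs(xml_text).get(ASSERTION_ATTR)
    if got is None:
        return [f"attribute {ASSERTION_ATTR!r} missing from assertion"]
    problems = []
    if got != expected_value(user):
        problems.append(f"expected {expected_value(user)!r}, got {got!r}")
    if not got or got.startswith("@"):
        # A blank source attribute would give many users the same identifier at the SP.
        problems.append("empty identifier: source attribute is blank in the directory")
    return problems

def sample(value):
    """Build a minimal, unsigned assertion for testing (constructed sample)."""
    return ('<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">'
            f'<saml:AttributeStatement><saml:Attribute Name="{ASSERTION_ATTR}">'
            f'<saml:AttributeValue>{value}</saml:AttributeValue>'
            '</saml:Attribute></saml:AttributeStatement></saml:Assertion>')

if __name__ == "__main__":
    user = {"employeeType": "retail", "employeenumber": "10042", "mail": "r@corp.test"}
    print(check(sample("10042@example.com"), user) or "assertion matches the rule")
```

Running the same check against a directory entry with a blank employeenumber or mail shows whether the partnership would send a bare "@example.com" or an empty value to the SP.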


