Symantec Access Management

Hi,

I want to use an expression in directory mapping to append a value to the end of an attribute.

I create a directory mapping entry and name it as Attr1

Then i select Expression in the radio box and then type in the below.

Get('roomNumber')+'@testing.com'

The intended result is to get roomNumber attribute and append @testing.com to the end of this value.

The same expression works correctly when I set it as a cookie response. But when I do it as a mapped attribute, it doesn't give me the value during runtime.

Anything special that needs to be done when using expressions in directory mapping?

Regards,

Anand.

Anand anand3g

By your words, I am assuming you intend to read an attribute off your Authorization Directory (after Directory Mapping is successful using UniversalID between AuthDir and AzDir).

What is confusing me is are these words, "But when I do it as a mapped attribute, it doesn't give me the value during runtime."

Could you provide us with screenshot and clear steps that you are performing for configuring this, so as to understand what is being configured.

Regards

Hubert

I made a typo. I meant to say Attribute mapping in the user directory configuration.

I have this attribute called FedId which I'm configuring thusly

This returns me a 'FALSE'. I'm getting this FedId attribute as a header response. This header evaluates to 'FALSE' when I print it.

However, I'm setting another header response FedIdExpr with the exact same expression and that evaluates correctly.

Regards,

Anand.

Well it seems today, the attribute is returned properly if I set it as a header response.

However, when the federation partnership is querying it, it gives a

[1564/5652][Thu Apr 07 2016 19:31:30][SSO.java][ERROR][sm-FedClient-02890] Transaction with ID: db566dc9-abe26eff-4e00a1b5-ae3c6479-2518e9cf-c5d failed. Reason: FAILED_NO_ATTR_RETURNED (, , )

Regards,

Anand.

Anand anand3g

Are you using expression within Attribute Assertion in Federation Partnership?