I have an partnership built between 2 siteminder environment. The IDP end sends assertion attribute along for the user (mobile,givenName).
My SP end sends the attributes to the target application via HTTP_HEADER mode.
Here, the data is recieved in SMSAMLDATA cookie value and encrypted. I am not being able to get the datas in plain text and in header list.
I do need the data in plain text in header for the application to process it. I do not want to use "cookie data" mode which actually sends the data plain text.
Is there any ACO parameter or any other SPS setting causing it to get encrypted or is it normal behavior?
Yes, SMSAMLDATA cookie will be encrypted which is expected and apart from that you will find the assertion attributes as header variables.
If you select HTTP Headers as the redirect mode, CA Single Sign-On can deliver multiple attribute values in a single header. Separate each attribute value with a comma. This option is only for SAML 1.1 and 2.0.
Assertion data can be passed using HTTP headers.
Follow these steps:
HTTP headers are now configured to pass attribute data.
refer for more details.
Pass Assertion Data as HTTP Headers to Relying Party Applications - CA Single Sign-On - 12.6.01 - CA Technologies Docume…
Thanks for the reply. I did happen to forget to enable the SAMLdata plugin, for which the headers were not getting populated.
If I’ve answered your question please mark my response as the Correct Answer