Dear All,
Wish you all a Very Happy and Prosperous New Year 2019.
HubertDennis
Here is my question.
I am trying to add a string "@xyz.com" after uid.
1. I have created an expression and used that expression in the user directory, as suggested in various threads.
2. I have used the expression name from the user directory in the federation Assertion Attribute as below.
But I am still not able to get what I am looking for, that is (uid@xyz.com).
How can I get this manipulated and passed into the assertion?
Below is the log I see, which is empty.
</ds:Signature>
<ns2:Subject>
<ns2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">josch@****.**</ns2:NameID>
<ns2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
<ns2:SubjectConfirmationData NotOnOrAfter="2019-01-03T08:19:48Z" Recipient="https://login.microsoftonline.com/login.srf"/>
</ns2:SubjectConfirmation>
</ns2:Subject>
<ns2:Conditions NotBefore="2019-01-03T08:17:48Z" NotOnOrAfter="2019-01-03T08:19:48Z">
<ns2:OneTimeUse/>
<ns2:AudienceRestriction>
<ns2:Audience>urn:federation:MicrosoftOnline</ns2:Audience>
</ns2:AudienceRestriction>
</ns2:Conditions>
<ns2:AuthnStatement AuthnInstant="2019-01-03T08:18:18Z" SessionIndex="6DlqRYL6Ct0N6mkpMsQ5lZX1FcY=5GZC9A==" SessionNotOnOrAfter="2019-01-03T08:19:48Z">
<ns2:AuthnContext>
<ns2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</ns2:AuthnContextClassRef>
</ns2:AuthnContext>
</ns2:AuthnStatement>
<ns2:AttributeStatement>
<ns2:Attribute Name="EmailAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
<ns2:AttributeValue>josch@***.xx</ns2:AttributeValue>
</ns2:Attribute>
<ns2:Attribute Name="UPN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
<ns2:AttributeValue/>
</ns2:Attribute>
<ns2:Attribute Name="ImmutableID" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
<ns2:AttributeValue>josch</ns2:AttributeValue>
</ns2:Attribute>
<ns2:Attribute Name="First name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
<ns2:AttributeValue>Joseph</ns2:AttributeValue>
</ns2:Attribute>
<ns2:Attribute Name="Last name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
<ns2:AttributeValue>Christie</ns2:AttributeValue>
</ns2:Attribute>
<ns2:Attribute Name="username" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
<ns2:AttributeValue>josch</ns2:AttributeValue>
</ns2:Attribute>
</ns2:AttributeStatement>
</ns2:Assertion>
In the logs, the UPN value is empty and nothing is passed to the assertion.
Any clue or suggestion will be really great.
PS: I have referred to the following threads before posting this question here.
https://communities.ca.com/thread/241738164
https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/configuring/policy-server-configuration/attributes-and-expressions-reference/
https://communities.ca.com/thread/241751620
https://communities.ca.com/thread/241782406-using-expression-in-a-federation-partnership
https://communities.ca.com/thread/100045213
https://communities.ca.com/thread/241738111