Symantec Access Management

 View Only
  • 1.  NameID attribute in SAML assertion

    Posted Dec 07, 2017 05:46 AM

    I know how to achieve lower case/upper case use case using UCASE/LCASE functions in an expression.

    But Is there is any provision to ignore case sensitivity for nameID attribute in SAML assertion??

  • 2.  Re: NameID attribute in SAML assertion
    Best Answer

    Posted Dec 07, 2017 11:05 AM

    Are we asking, if in the incoming SAML Assertion, the NameID attribute contains "XYZ" or "Xyz or "xyz". Then CA SSO should disambiguate as per whatever is the case of the value in NameID attribute? If Yes, I am thinking CA SSO just does that OOB. CA SSO relies on the UD's ability to disambiguate / differentiate "XYZ" or "Xyz or "xyz" and return success or failure based on a perfect match.


    Please suggest if the use case mentioned above is what was expected, so that we are on the same page to begin with.




  • 3.  Re: NameID attribute in SAML assertion

    Posted Jan 03, 2018 05:32 AM

    Thanks Hubert...I always knew that...but just want to have confirmation from CA!!




  • 4.  Re: NameID attribute in SAML assertion

    Posted Dec 07, 2017 11:42 AM

    Which User Directory the nameID is reading through ? I remember with Oracle we can able to do that at database end. Some sort of Index you can create on the table where that NameID is being stored and create a trigger at logon time who queries the table. Some kind of NLS SORT functions can be used. Your DBA will be best to evaluate the best solution for your environment.