Question:
We're configuring Siteminder as OIDC Authorization Provider and having
set a virtual User attribute to returns multivalue LDAP attribute,
then the claims associated with it presents the data with a caret and
you'd like to know how to modify the format of the response header.
We've configured the virtual attribute in the Directory attribute
mapping as :
ENUMERATE(memberOf,STRING(RDN (STRING(%0),FALSE)))
The value are retrieved but the target server recieves the information
as :
"groups":"My_First_Group^My_Second_Group".
We'd like to know how to modify the answer to be
"groups":["My_First_Group","My_Second_Group"].
How can we do it ?
Answer:
Policy Server supports multi-values, but out of the box, each value is
separated from the other by a caret "^" and this is not
configurable. It suggested to use a custom code to change it.
If you need the functionality to allow to choose the way the mutiple
values should be separated, then we invite you to open a Enhancement
Request by writing an Idea on the Security page :
1. Go to the CA Security Overview Page :
2. Click on the "Actions" drop-down menu and select "Create an
idea."
3. Give your idea a title and detailed description to encourage
voting.
4. Publish and vote on your idea!
KB : KB000121383