Layer 7 Access Management

Expand all | Collapse all

siteminder expression response : conditional checks

  • 1.  siteminder expression response : conditional checks

    Posted 09-01-2015 11:39 AM

    In continuation of thread Siteminder Expression Response

     

    Anand anand3g had a question regarding the below.

     

    Are expressions flexible enough to do conditional checks?

     

    Like check for a user attribute, if null, then don't set that cookie, or pick up another attribute?

     

     

     

     

    Regards

     

    Hubert



  • 2.  Re: siteminder expression response : conditional checks

    Posted 09-01-2015 11:41 AM

    Try this logic and let know (works for me).

     

    If LENGTH of givenName attribute value is "0" then return sn, else return givenName.

     

     

    Capture.JPG

     

     

     

    Regards

     

    Hubert



  • 3.  Re: siteminder expression response : conditional checks

    Posted 04-04-2016 05:25 PM

    Hi there,

    Is there a way to truncate few characters form a the givenname?

    Has anyone tried it?

    please let me know .

    Thank you,

    Sowmya



  • 4.  Re: siteminder expression response : conditional checks

    Posted 04-04-2016 11:22 PM

    sowmya.gadang

     

    If I could request you to present an example you wish to accomplish, it would be easier to answer. There is no direct function for TRUNCATE. However there are ways to do it, for that need to understand what exactly we need to accomplish. If you could provide examples of what is the pre and post values, I could suggest.

     

     

    Regards

     

    Hubert



  • 5.  Re: siteminder expression response : conditional checks

    Posted 04-05-2016 06:44 AM

    Hi There,

    Thank you so much for a quick response. Here is my problem.

    I have an AD Attribute employeeID that has the values of alpha numeric, e.g. ABC-123456. When I send the information over in the http-header-variable, I need to strip the ABC- and send only the number part.

    I would need to use something similar to either substring or truncate the first 4.

    Your help is greatly appreciated.

    Thank you,

    Sowmya Gadang



  • 6.  Re: siteminder expression response : conditional checks

     
    Posted 04-05-2016 08:23 AM

    You can use the AFTER command.

     

    AFTER(employeeID,'-') should turn ABC-123456 to 123456.



  • 7.  Re: siteminder expression response : conditional checks

    Posted 04-06-2016 03:46 PM

    Hello again,

    Thanks for your help! it worked for me. But now I have another issue with a Federation partneship.

    Is there a way to strip four characters out from a nameID Attribute from a Federation partnership.

    I need to remove the first four chcaracters form the nameID Value which is coming from AD.

    I can only send the Number. For example, I have "ABC-123456", I need to send only "123456".

    AFTER did not work for me here......

    Any help is greatly appreciated.

     

    If I can not do it at Assertion configuration, is there a place where I can do it? If so, where and how.

     

    Thank you,

    Sowmya



  • 8.  Re: siteminder expression response : conditional checks

    Posted 04-06-2016 04:01 PM

    Soumya sowmya.gadang

     

    One humble request, always open a new thread for new queries. We can always reference older discussions if any as hyperlinks within a new thread. It keeps the discussion / thread nuclear and focussed; at the same time does not clog a single thread with too much chatter.

     

    You cannot do it at NAMEID.

     

    However you can do it at the Assertion Attribute layer. Expression is supported here.

     

    Capture.JPG



  • 9.  Re: siteminder expression response : conditional checks

    Posted 04-06-2016 04:37 PM

    Soumya sowmya.gadang

     

    2016-04-06 16_33_22-siteminder expression response _ conditional ch... _ CA Communities.png

     

     

     

    When you open a new thread could you also add your version of CA SSO. Then also enable FED TRACING in smtracedefault. Paste the lines from the trace logs which is processing the assertion responses. This could be a bug.



  • 10.  Re: siteminder expression response : conditional checks

    Posted 04-06-2016 05:00 PM


  • 11.  Re: siteminder expression response : conditional checks

    Posted 09-04-2015 12:25 PM

    Thank you!

     

    Is there a good reference somewhere with examples on these expressions?

     

    Regards,

    Anand.



  • 12.  Re: siteminder expression response : conditional checks

    Posted 02-02-2016 04:13 PM

    Hi

     

    Thanks for the example.

     

    Have you tried a nested conditional statement. An example below.

     

    (RoleName BEGINS_WITH "Role1") ? "999" : ((RoleName BEGINS_WITH "Role2") ? "888" : "000")

     

    Has this ever worked. Thanks in advance.

     

    Bharath