Symantec Access Management

  • Private Community
Back to discussions
Expand all | Collapse all

how to send customize attributes in SAML response using CA siteminder WAMUI 12.5

  • 1.  how to send customize attributes in SAML response using CA siteminder WAMUI 12.5

    Posted Feb 21, 2018 01:06 AM

    I want to send saml response containing the customize attribute to AWS i.e attribute which specify users of group1 can assume role1 while accessing resource.

    I thought to write expression to specify above mentioned condition but was not able  to find expression option in Assertion attribute field in WAMUI 12.5.Is there any other way to customize attribute in WAMUI 12.5.



  • 2.  Re: how to send customize attributes in SAML response using CA siteminder WAMUI 12.5
    Best Answer

    Posted Feb 21, 2018 01:36 AM

    Hello Rolss,

     

    You can use Assertion Generator Plugin to send custom attributes in SAML Response. Please refer to the below link for reference

     

    AssertionGeneratorPlugin (CA SiteMinder SDK r12.0 SP2) 

     

    Once you create a .jar file which would generate the custom attributes for you, then you can put the name of this .jar file in Assertion Configuration -> Plug-in Class . Then you can give the Parameter which would be given to this file in Assertion Configuration -> Plug-in Parameters.

     

    In Addition to above, place the .jar file in the /lib/ folder of you policy server and place the path of this .Jar file in /config/JVMOptions.txt present on the Policy Server.

     

    Once above configuration is done, the SAML response would be updated based on the condition you placed in the .jar file and the parameter it receives.