For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

TristanGray's avatar
TristanGray
Icon for Nimbostratus rankNimbostratus
Feb 11, 2022

APM - SAML Attributes Blank

Hello,

 

I am working on implementing a SAML IDP, however I'm running into an issue where the SAML payload is not showing values for the attributes. Example:

 

<saml2:AttributeStatement>
<saml2:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"
xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"></saml2:Attribute>
<saml2:Attribute Name="email" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"
xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"></saml2:Attribute>
<saml2:Attribute Name="displayname"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"
xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
<saml2:AttributeValue xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">email@email.com</saml2:AttributeValue>
</saml2:Attribute>

 

The attributes as defined in the IDP Config are:

displayname = %{session.logon.last.logonname}

email = %{session_logon_last_email}

uid = %{session.ad.last.attr.sAMAccountName}

 

What am I missing here?

 

BIG-IP Access Policy Manager (APM)
idp
saml
security
No RepliesBe the first to reply