NimbostratusBigIP/APM as SP, fails to parse IdP SAML Assertion message when <AttributeValue> misses xsi:type
For instance, such a <AttributeValue> in the <AttributeStatement>
<AttributeStatement>
<Attribute Name="userid">
<AttributeValue>
QA-EU10002
</AttributeValue>
</Attribute>
....
</AttributeStatement>
has finally resulted in such an error message in the Access Policy related bebug loggings:
File="ApmD.cpp",Function="process_apd_request",Line="2022",Message="processing of access policy is done, result code=fffffff3"
It's really appreciated if someone would share some valueable experiences dealing with similar problems.
/////////////a bit detailed debug loggings//////////////
Jun 19 17:15:49 ::ffff:146.72.254.152 hostname="bigip-h15.vps.no",errdefs_msgno="01490004:6:",partition_name="Common",session_id="92c66590",Access_Profile="/Common/vps_auth_qa_v2.1",Partition="Common",Session_Id="92c66590",Executed_Agent="/Common/vps_auth_qa_v2.1_act_saml_auth_ag",Return_Value="3",result_str="Need User input"
Jun 19 17:15:49 ::ffff:146.72.254.152 hostname="bigip-h15.vps.no",errdefs_msgno="01490266:7:",partition_name="Common",session_id="92c66590",Access_Profile="/Common/vps_auth_qa_v2.1",Partition="Common",Session_Id="92c66590",File="AccessPolicyManager/AccessPolicy.cpp",Function="_executeOneAgent",Line="249",Message="user input is required"
Jun 19 17:15:49 ::ffff:146.72.254.152 hostname="bigip-h15.vps.no",errdefs_msgno="01490266:7:",partition_name="Common",session_id="92c66590",Access_Profile="/Common/vps_auth_qa_v2.1",Partition="Common",Session_Id="92c66590",File="ApmD.cpp",Function="process_apd_request",Line="2022",Message="processing of access policy is done, result code=fffffff3"
Jun 19 17:15:49 ::ffff:146.72.254.152 hostname="bigip-h15.vps.no",errdefs_msgno="01490266:7:",partition_name="Common",session_id="92c66590",Access_Profile="/Common/vps_auth_qa_v2.1",Partition="Common",Session_Id="92c66590",File="ApmD.cpp",Function="writeSessionVarToSessionDb",Line="2649",Message="syncing data with MEMCACHED"
