Forum Discussion
read SAML attributes
Hi All,
In an iRule we extract an attribute from an SAML. if the the value of the attribute is a simple string we can get the value; but if the value is a complexe element we get the concatenation of all values of the inside elements without the elment names.
For example:
if the value of the attribute is:
<saml2:Attribute Name="urn:be:fgov:ehealth:1.0:campus:site-number:campus:address" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
<saml2:AttributeValue xsi:type="xsd:anyType" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<aa:Address Type="contact" xmlns:aa="urn:be:fgov:ehealth:aa:complextype:v1">
<aa:Street>
<aa:Description xml:lang="fr">Rue de bois</aa:Description>
</aa:Street>
<aa:HouseNumber>20</aa:HouseNumber>
<aa:Municipality>
<aa:ZipCode>9000</aa:ZipCode>
<aa:NSICode>44021</aa:NSICode>
<aa:Description xml:lang="fr">Gand</aa:Description>
<aa:Description xml:lang="nl">Gent</aa:Description>
<aa:Description xml:lang="de">Gent</aa:Description>
</aa:Municipality>
<aa:Country>
<aa:NSICode>150</aa:NSICode>
<aa:Description xml:lang="fr">Belgique</aa:Description>
<aa:Description xml:lang="nl">België</aa:Description>
<aa:Description xml:lang="de">Belgien</aa:Description>
</aa:Country>
</aa:Address>
</saml2:AttributeValue>
</saml2:Attribute>
Then
set address [ACCESS::session data get "session.saml.last.attr.name.urn:be:fgov:ehealth:1.0:campus:site-number:campus:address"]
will give the following value:
Rue de bois20900044021GandGentGent150BelgiqueBelgiëBelgien
Could you please advise on this?
Thanks
- yakaiCirrus
HI ELMELH
As I understood you are using APM as SAML SP , right ?
Can you see what are the saml session variables APM Got ?
If APM got these values formatted in different session variables, it will be better to use them instead.
Otherwise, if APM does not correctly get all variales I advise to use iRules LX to convert XML attribute to a string.
Regards
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com