Last updated on MARCH 08, 2017
Applies to:Oracle Identity Federation - Version: 220.127.116.11
Information in this document applies to any platform.
Oracle Identity Federation (OIF) 11g as Identity Provider (IdP) is configured with Oracle Access Manager 10g as Authentication Engine. OIF has been configured to send attributes (UID) to the specific Service Provider for authentication requests using Transient NameID Format.
Service Provider (SP)-initiated Single Sign-On (SSO) is successful using Transient NameID Format. The SAML Response status from OIF as IdP is "Authentication Successful".
However although SSO is successful, OIF as IdP is not sending the correct UID attribute value to the SP, in the assertion. The value of UID attribute in the OIF session is set to the literal string "uid" rather than the expected uid attribute value of the OAM-authenticated user in the IdP domain.
If OIF is configured to use the default LDAP Authentication Engine, the uid attribute in the Assertion is set correctly to the authenticated user ID.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms