OAM 11gR2PS3: ConfigurePolicyResponses On Header Separator Doesn't Work For SAML Attributes (Doc ID 2127380.1)

Last updated on APRIL 05, 2017

Applies to:

Oracle Access Manager - Version 11.1.2.3.0 and later
Information in this document applies to any platform.

Goal

You have followed the KB below trying to change the delimiter from Colon to other value:

OAM11g R2 PS2 BP02: How To Send Comma Separated Values For Multi Value Attributes Passed As Headers <Doc ID 1935703.1>

If the OAM attribute is retrieved from user identity store like below,

Authentication Policy > Response
test_description    Header    $user.attr.description

the Separator gets updated to desired one:

header output:
HTTP_TEST_DESCRIPTION    intbTestDelimiter0 | intbTestDelimiter02 | intbTestDelimiter03

However, if the attributes are extracted from SAML attributes,

Authentication Policy > Response
SAML_MultiValueAttr    Header    $session.attr.fed.attr.urn:ehealth:names:idm:attribute:MultiValueAttr

the command have no effect:

SAML_MultiValueAttr    intbTestDelimiter0 \: intbTestDelimiter02 \: intbTestDelimiter03
 

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms