Oracle Access Manager 11g (OAM 11.1.2.3.171017) Federation - Need the Ability to set "Always Send" Flag Attributes to True, but ONLY Include When Their Values are not NULL
(Doc ID 2408097.1)
Last updated on NOVEMBER 14, 2023
Applies to:
Oracle Access Manager - Version 11.1.2.3.171017 and laterInformation in this document applies to any platform.
Symptoms
- Oracle Access Manager 11g (OAM 11.1.2.3.171017) Federation - Need the Ability to set "Always Send" Flag Attributes to True, but ONLY Include When Their Values are not NULL
- Implementing a SAML 2.0 federation scenario where OAM is Identity Provider (IdP) and the Service Provider (SP) is managed by an external entity
Request Flow
- SSO is SP-Initiated
- No attributes are specified in the request
- SP Partner Entity in OAM configuration references an Attribute Mapping Profile. The attribute mapping profile specifies a number of attributes flagged with "Always Send".
- When OAM sends back the SAMLResponse, the attributes that does not have a value are still sent but with xis:nil="true":
- Because of integration issue, SP does not want such "null" attributes and is not expecting such attributes at all
Is there a way to configure OAM Fed to not send such "null" attributes?
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Changes |
| Cause |
| Solution |
| References |