Oracle Access Manager 11g (OAM 11.1.2.3.x) Federated Service: SAML Attribute Value is Null When one of the User Attribute Values is Null in a Complex Expression
(Doc ID 2424413.1)
Last updated on JUNE 14, 2023
Applies to:
Oracle Access Manager - Version 11.1.2.3.170718 and laterInformation in this document applies to any platform.
Symptoms
Oracle Access Manager 11g (OAM 11.1.2.3.x) Federated Service: SAML Attribute Value is Null When one of the User Attribute Values is Null in a Complex Expression
- Have a SAML attribute formed with the concatenation of 2 user attributes and it is being sent to the service provider partner as part of SAML response.
- The values are being passed fine with both the backend LDAP attributes have some value.
- If one of the attribute is null then the value for the attribute in the SAML response if being sent null.
Example:
LDAP attrs - AccountNumber & AdditionalAN
SAML Attribute name - AN
value - $user.attr.accountnumber,$user.attr.additionalan
Assume for user "abc" accountnumber=123 and additionalan=456,789 then it works fine. SAML attribute AN is having 123,456,789
For same user "abc" if accountnumber=123 and additionalan is null (no value) then SAML attribute AN is also having null (no value).
LDAP attrs - AccountNumber & AdditionalAN
SAML Attribute name - AN
value - $user.attr.accountnumber,$user.attr.additionalan
Assume for user "abc" accountnumber=123 and additionalan=456,789 then it works fine. SAML attribute AN is having 123,456,789
For same user "abc" if accountnumber=123 and additionalan is null (no value) then SAML attribute AN is also having null (no value).
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Changes |
| Cause |
| Solution |
| References |