I2 Oracle RP with Ping Identity IDP

From OSIS Open Source Identity Systems


The Ping IDP does not populate any of the attribute values. Although the SAML token is correctly decrypted by the Oracle RP, none of the claims (including ppid) seem to have any values. The Oracle RP fails authentication because it cannot associate a principal with the incoming SAML token.

Here is the token (AttributeStatement part) from the Ping IDP:

<saml:AttributeStatement xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
  <saml:Subject>
    <saml:SubjectConfirmation>
      <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:ConfirmationMethod>
    </saml:SubjectConfirmation>
  </saml:Subject>
  <saml:Attribute AttributeName="privatepersonalidentifier" AttributeNamespace="http://schemas.xmlsoap.org/ws/2005/05/identity/claims">
    <saml:AttributeValue/>
  </saml:Attribute>
  <saml:Attribute AttributeName="givenname" AttributeNamespace="http://schemas.xmlsoap.org/ws/2005/05/identity/claims">
    <saml:AttributeValue/>
  </saml:Attribute>
  <saml:Attribute AttributeName="surname" AttributeNamespace="http://schemas.xmlsoap.org/ws/2005/05/identity/claims">
    <saml:AttributeValue/>
  </saml:Attribute>
  <saml:Attribute AttributeName="emailaddress" AttributeNamespace="http://schemas.xmlsoap.org/ws/2005/05/identity/claims">
    <saml:AttributeValue/>
  </saml:Attribute>
</saml:AttributeStatement>

Tested by Ramana Turlapati (Oct 23, 1:00pm PDT)
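
An added example, not part of the original test report and not Oracle's or Ping Identity's code: one way a relying party can detect this condition explicitly and report which claims arrived empty, instead of failing at principal lookup with no reason. The function names and the trimmed sample token are constructed for illustration, and the token is assumed to be already decrypted and signature-verified.

```python
import xml.etree.ElementTree as ET

SAML = "urn:oasis:names:tc:SAML:1.0:assertion"
CLAIMS_NS = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims"
PPID = "privatepersonalidentifier"

# Constructed sample: same shape as the token above, trimmed to two claims.
SAMPLE_EMPTY = (
    f'<saml:AttributeStatement xmlns:saml="{SAML}">'
    f'<saml:Attribute AttributeName="{PPID}" AttributeNamespace="{CLAIMS_NS}">'
    '<saml:AttributeValue/></saml:Attribute>'
    f'<saml:Attribute AttributeName="emailaddress" AttributeNamespace="{CLAIMS_NS}">'
    '<saml:AttributeValue/></saml:Attribute>'
    '</saml:AttributeStatement>'
)

def extract_claims(statement_xml):
    """Return {claim name: [non-empty values]} for an AttributeStatement.

    Assumption: the caller has already decrypted the token and verified
    its signature; this function only inspects claim content.
    """
    root = ET.fromstring(statement_xml)
    claims = {}
    for attr in root.iter(f"{{{SAML}}}Attribute"):
        if attr.get("AttributeNamespace") != CLAIMS_NS:
            continue  # ignore attributes outside the identity claims namespace
        values = [(v.text or "").strip()
                  for v in attr.findall(f"{{{SAML}}}AttributeValue")]
        # <saml:AttributeValue/> and whitespace-only values count as empty.
        claims[attr.get("AttributeName")] = [v for v in values if v]
    return claims

def resolve_principal(statement_xml):
    """Return (ppid, None) on success or (None, reason) on failure."""
    claims = extract_claims(statement_xml)
    if PPID not in claims:
        return None, "ppid claim absent from token"
    if not claims[PPID]:
        empty = sorted(name for name, vals in claims.items() if not vals)
        return None, "empty claim values from IdP: " + ", ".join(empty)
    return claims[PPID][0], None

if __name__ == "__main__":
    print(resolve_principal(SAMPLE_EMPTY))
```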