Fixes are available
APAR status
Closed as program error.
Error description
Using an extened use case of IZ85970 The notes for the fix state that the Recipient can be overwritten with the ContextAttributes attribute Recipient. Given the following use case, I would expect the Recipient to pulled from the STSUUSER, but it is not used. User sends a WST RST message with a STSUUSER in the wst:ValidateTarget. This STSUUSER has the Recipient context attribute set, which propagates to the outer shell STSUUSER later in TFIM processing. The WST does not have a claims element. So the parameter override is there, but because the STSUUSER that gets passed to the SAML module in this case doesn't have a claims element the override is ignored.
Local fix
none working at this time.
Problem summary
SubjectConfirmationData is missing when generating a SAML 2.0 assertion with Bearer subject confirmation method and no claims is supplied in the RST.
Problem conclusion
The fix for this APAR is contained in the following maintenance packages: | fix pack | 6.2.2-TIV-TFIM-FP0004
Temporary fix
Comments
APAR Information
APAR number
IV31641
Reported component name
TIV FED ID MGR
Reported component ID
5724L7300
Reported release
622
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2012-11-08
Closed date
2012-11-08
Last modified date
2012-11-08
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
TIV FED ID MGR
Fixed component ID
5724L7300
Applicable component levels
R622 PSY
UP
Rate this page:
Average rating
Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.