Fixes are available
Closed as program error.
Using an extened use case of IZ85970 The notes for the fix state that the Recipient can be overwritten with the ContextAttributes attribute Recipient. Given the following use case, I would expect the Recipient to pulled from the STSUUSER, but it is not used. User sends a WST RST message with a STSUUSER in the wst:ValidateTarget. This STSUUSER has the Recipient context attribute set, which propagates to the outer shell STSUUSER later in TFIM processing. The WST does not have a claims element. So the parameter override is there, but because the STSUUSER that gets passed to the SAML module in this case doesn't have a claims element the override is ignored.
none working at this time.
SubjectConfirmationData is missing when generating a SAML 2.0 assertion with Bearer subject confirmation method and no claims is supplied in the RST.
The fix for this APAR is contained in the following maintenance packages: | fix pack | 6.2.2-TIV-TFIM-FP0004
Reported component name
TIV FED ID MGR
Reported component ID
Last modified date
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fixed component name
TIV FED ID MGR
Fixed component ID
Applicable component levels
Rate this page:
Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.