Skip to main content

IV36844: UNSPECIFIED NAMEIDFORMAT IN ASSERTION TREATED AS PERSISTENT


 

APAR status

  • Closed as program error.

Error description

  • When the Format attribute for the NameID element in the SAML 2.0
Assertion is
"urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified", the
Service Provider treats the Format as
"urn:oasis:names:tc:SAML:2.0:nameidformat:persistent". The
Service Provider must instead refer to the "DefaultNameIDFormat"
parameter configured for the Federation/Partner.

Local fix

  • There are 2 workarounds:
a) Specify a value for the Format attribute of the NameID
element
in the Assertion other than
"urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" OR
b) Remove the Format attribute from the NameID element in the
Assertion so that the SP will refer to the
"DefaultNameIDFormat" parameter configured for the
Federation/Partner.

Problem summary

  • When the Format attribute for the NameID element in the SAML 2.0

Assertion is
"urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified", the
Service Provider treats the Format as
"urn:oasis:names:tc:SAML:2.0:nameidformat:persistent". The
Service Provider must instead refer to the "DefaultNameIDFormat"
parameter configured for the Federation/Partner.

Problem conclusion

  • The fix for this APAR is contained in the following maintenance
packages:
| fix pack | 6.2.0-TIV-TFIM-FP0013

Temporary fix

  • There are 2 workarounds:
a) Specify a value for the Format attribute of the NameID
element
in the Assertion other than
"urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" OR
b) Remove the Format attribute from the NameID element in the
Assertion so that the SP will refer to the
"DefaultNameIDFormat" parameter configured for the
Federation/Partner.

Comments

  •  
    • 
  
 
  
APAR Information
 
  
 
   
     
    
  • APAR number
    IV36844
    •  
    
  • Reported component name
    TIV FED ID MGR
    •  
    
  • Reported component ID
    5724L7300
    •  
    
  • Reported release
    620
    •  
    
  • Status
    CLOSED PER
    •  
    
  • PE
    NoPE
    •  
    
  • HIPER
    NoHIPER
    •  
    
  • Special Attention
    NoSpecatt
    •  
    
  • Submitted date
    2013-02-18
    •  
    
  • Closed date
    2013-02-18
    •  
    
  • Last modified date
    2013-02-18
    •  
   
 
  
 
  
     
   
  • APAR is sysrouted FROM one or more of the following:
     
     IV07701
     
    •  
   
  • APAR is sysrouted TO one or more of the following:
     
    •  
  
 
  
Fix information
 
  
     
   
  • Fixed component name
    TIV FED ID MGR
    •  
   
  • Fixed component ID
    5724L7300
    •  
  
 
  
Applicable component levels
 
  
     
   
  • R620 PSY
       UP
    •  
  
 
 
 

 









Rate this page:



(0 users)Average rating 





















	
	
	
	
	









	



























Copyright and trademark information



	
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide.  Other product and service names might be trademarks of IBM or other companies.  A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.































Rate this page:






(0 users)Average rating









Add comments














Document information





	
Tivoli Federated Identity Manager


	




	
Software version:

	620

	





	
Reference #:

IV36844






Modified date:

2013-02-18








Translate my page














































 



Content navigation