IV36844: UNSPECIFIED NAMEIDFORMAT IN ASSERTION TREATED AS PERSISTENT

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • When the Format attribute for the NameID element in the SAML 2.0
    Assertion is
    "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified", the
    Service Provider treats the Format as
    "urn:oasis:names:tc:SAML:2.0:nameidformat:persistent". The
    Service Provider must instead refer to the "DefaultNameIDFormat"
    parameter configured for the Federation/Partner.
    

Local fix

  • There are 2 workarounds:
    a) Specify a value for the Format attribute of the NameID
    element
    in the Assertion other than
    "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" OR
    b) Remove the Format attribute from the NameID element in the
    Assertion so that the SP will refer to the
    "DefaultNameIDFormat" parameter configured for the
    Federation/Partner.
    

Problem summary

  • When the Format attribute for the NameID element in the SAML 2.0
    
    Assertion is
    "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified", the
    Service Provider treats the Format as
    "urn:oasis:names:tc:SAML:2.0:nameidformat:persistent". The
    Service Provider must instead refer to the "DefaultNameIDFormat"
    parameter configured for the Federation/Partner.
    

Problem conclusion

  • The fix for this APAR is contained in the following maintenance
    packages:
    | fix pack | 6.2.0-TIV-TFIM-FP0013
    

Temporary fix

  • There are 2 workarounds:
    a) Specify a value for the Format attribute of the NameID
    element
    in the Assertion other than
    "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" OR
    b) Remove the Format attribute from the NameID element in the
    Assertion so that the SP will refer to the
    "DefaultNameIDFormat" parameter configured for the
    Federation/Partner.
    

Comments

APAR Information

  • APAR number

    IV36844

  • Reported component name

    TIV FED ID MGR

  • Reported component ID

    5724L7300

  • Reported release

    620

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2013-02-18

  • Closed date

    2013-02-18

  • Last modified date

    2013-02-18

  • APAR is sysrouted FROM one or more of the following:

    IV07701

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    TIV FED ID MGR

  • Fixed component ID

    5724L7300

Applicable component levels

  • R620 PSY

       UP



Rate this page:

(0 users)Average rating

Document information


More support for:

Tivoli Federated Identity Manager

Software version:

620

Reference #:

IV36844

Modified date:

2013-02-18

Translate my page

Machine Translation

Content navigation