APAR status
Closed as program error.
Error description
By switching off the "SAML Subject Contains Name Identifier", the next two properties "SAML Name Qualifier" and "SAML Name Identifier Format" will be hidden. However, the value within SAML Name Identifier Format will still be used and will influence the behavior.
Local fix
No Local Fix
Problem summary
This fixes the problem that the Holder-of-Key SAML Assertion generated by AAA Post Process method could miss the X509 cert data in the SubjectConfirmationData element, when the setting "SAML Name Identifier Format" is set to a special value and then the "SAML Subject Contains Name Identifier" switch is turned off.
Problem conclusion
The SAML Holder-of-Key Assertion will use the corresponding format to generate its subject confirmation data when the "SAML Name Identifier Format" setting with non-empty value is hidden.
Temporary fix
Comments
APAR Information
APAR number
IC74863
Reported component name
DATAPOWER
Reported component ID
DP1234567
Reported release
382
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2011-03-08
Closed date
2011-04-15
Last modified date
2011-06-08
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
DATAPOWER
Fixed component ID
DP1234567
Applicable component levels
R381 PSY
UP
R382 PSY
UP
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS9H2Y","label":"IBM DataPower Gateway"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"3.8.2","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
11 February 2022