how do I read attributes from headers??

Sridhar Sripathy ssripathy25 at yahoo.com
Fri Nov 4 03:36:14 GMT 2011 

Hi, 
I am new to Shibboleth and SAML in general.
I have the Shibboleth SP agent configured for an IIS7 web app and I have a SAML Tracer 
plugin showing that the SAML response getting posted from IdP to SP (see below). I have a ASP .NET application and all I am trying to do is read the SAMLResponse or look at the attributes pushed to me by IdP. I have 
the attribute-map.xml configured correctly to map the attributes 
All the ASP .NET page is doing is dumping the Headers 
and this is all I see as below. How do I read the attributes from my ASP .NET page?  I see 
the attributes sent over from SP to IdP when I use https://../Shibboleth.sso/Session URL
Are the headers appendd to the encrypted session cookie? Or I need some IIS 7 config change to enable seeing the attrs as headers?

HTTP Headers retrieved 


Connection: keep-alive Accept: 
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Accept-Encoding: gzip, 
deflate Accept-Language: en-us,en;q=0.5 Cookie: 
_shibsession_64656661756c7468747470733a2f2f6c61626974303277696e3230303872322e626f632e61642e63656e7375732e111116f6c657468=_12d45c41fade37e34f3bf56531ccfff5; ASPSESSIONIDSETDRSSA=BGJNCC11DIE Host: mySP.test.org User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 
ShibSpoofCheck: 630984012180204917122709628663327597330 
HTTP_CONNECTION:keep-alive 
HTTP_ACCEPT:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 
HTTP_ACCEPT_CHARSET:ISO-8859-1,utf-8;q=0.7,*;q=0.7 
HTTP_ACCEPT_ENCODING:gzip, deflate 
HTTP_ACCEPT_LANGUAGE:en-us,en;q=0.5 
HTTP_COOKIE:_shibsession_64656661756c7468741111111111111111141fade37e34f3bf56531ccfff5; ASPSESSIONIDSETDRSSA=BGJNCCOAAdNKIKODIE 
HTTP_HOST:mySP.test.org 
HTTP_USER_AGENT:Mozilla/5.0 (Windows NT 5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 
HTTP_SHIBSPOOFCHECK:63098401218020491712211111163327597330 


The SAML Trace 

POST https://mySP.test.org/Shibboleth.sso/SAML2/POST HTTP/1.1 
Host: mySP.test.org 
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 
Accept-Language: en-us,en;q=0.5 
Accept-Encoding: gzip, deflate 
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 
Connection: keep-alive 
Referer: https://myIDP.test.org:8443/nidp/saml2/sso?SAMLRequest=BCrgRqpWqu31tuqzCNhtVRX%2BealnYeC0kBOg%2BWxMyU5gc3GF67b8u3o0%2F0fR4Cr56XqGL8DnFD27d6TVstCdbD68vOv0cWEEtyJDIcLz88jfjzP%2FBA%3D%3D&RelayState=ss%3Amem%3A24015e300d441c49064db74d4715de54
Cookie: _shibsession_111111c7468747470733a2f2f6c61626974303277696e3230303872322e626f632e61642e63656e7375732e676f711111111168=_c1ad885514cf14a54e11; ASPSESSIONIDSETDRSSA=BGJNCCOAALDAN11IKODIE 
Content-Type: application/x-www-form-urlencoded 
Content-Length: 8216 

HTTP/?.? 302 Moved 
Cache-Control: private,no-store,no-cache 
Content-Length: 40 
Content-Type: text/html 
Expires: 01-Jan-1997 12:00:00 GMT 
Location: https://mySP.test.org/vlabsample/Consume.aspx
Server: Microsoft-IIS/7.5 
Set-Cookie: 
_shibsession_64656661756c74687111111111111303277696e3230303872322e626f632e61642e63656e7375732e676f762f73702f736869621111168=_12d45c41fade37e34f3bf56531ccfff5; path=/ 
X-Powered-By: ASP.NET 
Date: Thu, 27 Oct 2011 21:00:38 GMT 

The Session Info 

Miscellaneous 
Client Address: 10.10.25.aaaa 
Identity Provider: https://myIDP.test.org:8443/nidp/saml2/metadata
SSO Protocol: urn:oasis:names:tc:SAML:2.0:protocol 
Authentication Time: 2011-10-27T20:57:14Z 
Authentication Context Class: urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport 
Authentication Context Decl: secure/name/password/uri 
Session Expiration (barring inactivity): 464 minute(s) 

Attributes 
cn- John Doe 
sn: Doe 
givenName: John 
persistent-id: https://myIDP.test.org:8443/nidp/saml2/metadata!https://mySP.test.org/sp/shibboleth!S+H/+RVa1FJgYsssshGAWg7tg==
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20111103/f2623c48/attachment.html

More information about the users mailing list