Help- Attribute is null in request header during authorization

Nate Klingenstein ndk at internet2.edu
Wed Oct 3 13:58:54 EDT 2012


Milan,

> After IDP Authenticate user, it redirects to URL. where I have used filter in java to authorize user. I am not getting any  attribute header / cookie (UID is null)  from which I authorize user.

I'm not sure what filter you're talking about or which SAML service provider your filter is using.

The IdP is only responsible for sending you an assertion.  You can check to see whether the attribute names and values that you expect are in the assertion.  Whatever consumes that assertion will be responsible for setting the attributes.

If you are using the Shibboleth SP, the assertion will be logged in shibd.log on DEBUG.  It will also clearly indicate if it received attributes and discarded them.  I would, in this order, ensure that the assertion contains the attributes with the right names attribute-map.xml has entries uncommented, checking /Shibboleth.sso/Session after logging in, ensuring that the variables are getting into the Java servlet container, and then making sure that you've written your Java code correctly.

If you're not using the Shibboleth SP, please consult the service provider that you are using.

Thanks,
Nate.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20121003/0c0b7b65/attachment.html 


More information about the users mailing list