Hi There,

I am just wanting to get others feedback on the following. I have been
playing around with the SAML assertion which is available to be injected
into the header via an identity injection. Pulling it apart, I see that
its using the CN of the user as the x509 Subject as below:


Code:
--------------------

<saml:Assertion xmlns:saml="urnasis:names:tc:SAML:1.0:assertion" AssertionID="idr6tgF1GC62uROS5IMpVXRQBR3js" IssueInstant="2013-03-27T10:20:29Z" Issuer="cn=SCCkeh2qo,cn=cluster,cn=nids,ou=accessM anagerContainer,o=novell" MajorVersion="1" MinorVersion="1"><saml:Conditions NotOnOrAfter="2013-03-27T11:20:29Z"/><saml:AuthenticationStatement AuthenticationInstant="2013-03-27T10:20:29Z" AuthenticationMethod="urn:ietf:rfc:2246"><saml:Sub ject><saml:NameIdentifier Format="#X509SubjectName">cn=ec9c80dd9fa8b94,o=MyT REE</saml:NameIdentifier></saml:Subject></saml:AuthenticationStatement>
--------------------


Does anyone in here know if we can change the behaviour of this of this,
to say use the email address instead, or even add additional attributes
into the SAML assertion?

Any feedback appreciated


--
MystikWeb
------------------------------------------------------------------------
MystikWeb's Profile: https://forums.netiq.com/member.php?userid=59
View this thread: https://forums.netiq.com/showthread.php?t=47465