hjada (hjada) asked a question.
[checkmarx] Attribute Organization_Tree sent in AuthResponse is empty
I try to follow this https://checkmarx.atlassian.net/wiki/spaces/KC/pages/103252245/Configuring+the+Identity+Provider+for+SAML to setup SAML IDP.And I have assign some value to Attribute Organization_Tree for one user. But I can't get the value from AuthResponse.The strange is Attribute Role sent in AuthResponse is NOT empty...
- €‹<saml2:AttributeStatement xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"> ... <saml2:Attribute Name="Language" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string"/></saml2:Attribute> <saml2:Attribute Name="Organization_Tree" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string"/></saml2:Attribute> <saml2:Attribute Name="Is_Auditor" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string"/></saml2:Attribute> <saml2:Attribute Name="Role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"> <saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Scanner</saml2:AttributeValue> </saml2:Attribute> <saml2:Attribute Name="Role_Attribute" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string"/></saml2:Attribute> </saml2:AttributeStatement>
