Subject: empty attribute statements
Date: 2010-02-15 12:48:16
From: Jimmy Cater
Source: empty-attribute-statements

Hi I"m evaluating your component for our solution and came across a problem when exploring assertion creation options. I used one of your samples (SPInitiatedWebDemo.VS2008) in which I modified CreateSAMLResponse method (in Util class) to have: Assertion samlAssertion = new Assertion(); samlAssertion.Subject = new Subject(new NameId(page.User.Identity.Name)); samlAssertion.Issuer = new Issuer(issuerURL); AuthnStatement newAuthnStatement = new AuthnStatement(); newAuthnStatement.AuthnInstant = DateTime.Now; newAuthnStatement.SessionNotOnOrAfter = newAuthnStatement.AuthnInstant.AddHours(1); AttributeStatement attributeStatement = new AttributeStatement(); ComponentPro.Net.Saml2.Assertions.Attribute attribute = new ComponentPro.Net.Saml2.Assertions.Attribute("test", SamlAttributeNameFormat.Unspecified, "test"); AttributeValue val = new AttributeValue("Jimmy"); attribute.Values.Add(val); attributeStatement.Attributes.Add(attribute); ComponentPro.Net.Saml2.Assertions.Attribute.RegisterAttributeValueSerializer("test", null, new StringAttributeValueSerializer()); samlAssertion.Statements.Add(newAuthnStatement); samlAssertion.Statements.Add(attributeStatement); After receiving the message on the SP side the assertion looks like: http://localhost:1425/ myuserid As you can see, the AttributeStatement is empty. I guess I"m doing something wrong, but what? This is one of critical bits for me to give the green light for the implementation. Can you help?

---------------------------------------------------------------------- Note: This question has been asked on the Q&A forum of Thang Dang's fraudulent ComponentPro brand If you purchased anything from ComponentPro, you have been scammed. Contact the payment processor who sold you the license and ask for your money back. Back to ComponentPro Q&A Forum Index