Hello Heikki > Try adding three SAML-AAA-Assertion attributes instead of one. Your > attribute seems to be over 600 characters which is way more than the 8 > bit attribute length field can carry. > > The receiver may be able to concatenate the attributes back into one value.
Yes, the receiver is able to concatenate the attributes back into one value. But dividing SAML content to three SAML-AAA-Assertions: AddToReply SAML-AAA-Assertion = <saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" IssueInstant="2011-03-19T08:30:00Z" ID="foo" Version="2.0"><saml:Issuer>urn:mace:incommon:osu.edu</saml:Issuer><saml:AttributeStatement> AddToReply SAML-AAA-Assertion = <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"><saml:AttributeValue>[email protected]</saml:AttributeValue></saml:Attribute><saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7"> AddToReply SAML-AAA-Assertion = <saml:AttributeValue>moonshot</saml:AttributeValue></saml:Attribute></saml:AttributeStatement></saml:Assertion> foregoing attribute value is overwriten by next one: Code: Access-Accept Identifier: 14 Authentic: `~<i<168>y<18><253><240>\<227><189><162><173><23>I Attributes: User-Name = "daniel.scharon" EAP-Message = <3><7><0><4> Message-Authenticator = <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0> SAML-AAA-Assertion = "<saml:AttributeValue>moonshot</saml:AttributeValue></saml:Attribute></saml:AttributeStatement></saml:Assertion>" MS-MPPE-Send-Key = .<194><158>?<180><189><223>]<192><128><9><1><233><236>s<15>KT<134><168>.<232><174>-.m8<148><191><229>C<4> MS-MPPE-Recv-Key = <157><165><204><196><142>o<10>'<166><29>y3<191><196><147>><203><203><150>\;<137>g<253><233>L<219>R<235><194><179><191> Maybe I got something wrong? Markus _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
