On 09/14/2011 03:19 PM, Markus Ludwig Grandpre wrote: >> Try adding three SAML-AAA-Assertion attributes instead of one. Your >> attribute seems to be over 600 characters which is way more than the 8 >> bit attribute length field can carry. >> >> The receiver may be able to concatenate the attributes back into one value. > > Yes, the receiver is able to concatenate the attributes back into one > value. But dividing SAML content to three SAML-AAA-Assertions:
Try this instead: AddToReply SAML-AAA-Assertion=part1,SAML-AAA-Assertion=part2, ... That is, use AddToReply only once but with multiple attributes. Thanks! Heikki -- Heikki Vatiainen <[email protected]> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
