Heikki, > Try this instead: > > AddToReply SAML-AAA-Assertion=part1,SAML-AAA-Assertion=part2, ... > > That is, use AddToReply only once but with multiple attributes.
This configuration as you have suggested: AddToReply SAML-AAA-Assertion = <saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" IssueInstant="2011-03-19T08:30:00Z" ID="foo" Version="2.0"><saml:Issuer>urn:mace:incommon:osu.edu</saml:Issuer><saml:AttributeStatement>, SAML-AAA-Assertion = <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"><saml:AttributeValue>[email protected]</saml:AttributeValue></saml:Attribute><saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7">, SAML-AAA-Assertion = <saml:AttributeValue>moonshot</saml:AttributeValue></saml:Attribute></saml:AttributeStatement></saml:Assertion> did not work. Access-Accept is too long again: sshd[29010]: debug1: Unspecified GSS failure. Minor code may provide more information\ninvalid packet: WARNING: Malformed RADIUS packet from host (null): attribute 222 data overflows the packet (udp.c:118)\n Do you have any other idea? Markus _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
