How to get User Name in SAML Assertion (OpenAM)

Question

This is my SAML assertion from OpenAM IDP

<saml:Subject>
<saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient" NameQualifier="http://idp.ntech.com:9090/openam">/81OhgvXhHdM/+STdnPlhgkVJzDo</saml:NameID>     <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
<saml:SubjectConfirmationData InResponseTo="FEDE98AB33A4049999504522AB01C664219893A2"  NotOnOrAfter="2012-10-27T10:56:22Z"  Recipient="http://sp.ntech.com/SampleApp/fedletapplication.aspx" /></saml:SubjectConfirmation>
</saml:Subject>

but i need the username instead of NameId ,I am using OpenAM.Please help

score 0 · Answer 1 · answered Oct 28 '12 at 10:44

Since you are using the transient NameID-Format, the NameID coming from OpenAM will contain just a random string. If you actually need any info about the user, then you either need to change the NameID-Format from transient to something else (possibly also using the NameID value mapping feature in OpenAM), or you need to send those extra attributes as part of the assertion (attributestatement). In order to do that you would need to configure Attribute mapping on the IdP.

How to get User Name in SAML Assertion (OpenAM)

1 Answers1