Solved: SSO on SiteMinder using SAML error message: "**Sam...

gcusello · ‎10-11-2017

Hi at all,

I have the following problem:
We configured SSO with Siteminder using SAML.
The problem is that this Siteminder is used only for authentication and not also for profiling so we're not able to configure Splunk roles and when authenticating we receive from Splunk the following error message "Saml response does not contain group information".
Watching Siteminder's logs we can see that arriving on Splunk the following parameters (after authentication on Siteminder's Authentication Schema):

<ns2:Attribute Name="SMUSERNAME" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
    <ns2:AttributeValue>UIDxxxxxx</ns2:AttributeValue>
</ns2:Attribute>
<ns2:Attribute Name="SMMAIL" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
    <ns2:AttributeValue>xxxx.xxxxx@xxxx.xxxxxx.com</ns2:AttributeValue>
</ns2:Attribute>

Anyone encountered this problem?

Thank you in advance.

Bye.
Giuseppe

suarezry · ‎10-23-2017

Siteminder is releasing the name and email attribute, but no role attribute. You need to configure Siteminder to release this information.

View solution in original post

suarezry · ‎10-23-2017

Siteminder is releasing the name and email attribute, but no role attribute. You need to configure Siteminder to release this information.

SSO on SiteMinder using SAML error message: "Saml response does not contain group information"

Welcome to the Splunk Community!

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM

Adoption of RUM and APM at Splunk

SSO on SiteMinder using SAML error message: "**Saml response does not contain group information**"

Welcome to the Splunk Community!

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM

Adoption of RUM and APM at Splunk

SSO on SiteMinder using SAML error message: "Saml response does not contain group information"