Hello Jon,
Sorry I was not able to deploy your suggestion sooner but I did and it works great, thanks a lot for your help !
However, I may have found an issue (bug?) and I wanted to report here too just to let you know ... and also because it could be useful to everybody.
In the mapping rule, I have this line :
cleanup_string = cleanup_string.replace(/é/gi,"e");
but if I save this in the mapping rule through the console, the line will look like this once saved :
var temp = cleanup_string.replace(/é/gi,"e");
and when I try to push the line through rest-api (git IBM security and ansible combo), the text will look like this :
var temp = cleanup_string.replace(/é/gi,"e");
I did some testing and the result remains in the same : in the trace, I can see that the following ldap attribute "2450,rue Girouard Ouest, éédifice Est" can be seen as this in the SAML token :
<saml:Attribute Name="tagvalue_credattrs_officeAddress" NameFormat="urn:ibm:names:ITFIM:5.1:accessmanager"><saml:AttributeValue xsi:type="xs:string">2450,rue Girouard Ouest, eédifice Est</saml:AttributeValue>
(ps : I know the ldap value is strange but it is just for testing and debugging purpose).
I am reporting it in a IBM case.
Thanks again for you help,
Thank you,
------------------------------
Christophe Agostini
------------------------------
Original Message:
Sent: Fri May 03, 2019 04:56 AM
From: Jon Harry
Subject: Secure Federation Mapping Rules : Loop and replace ?
Hello,
You can get a java.util.Iterator over the attributes in an AttributeContainer using the
getAttributeIterator()method.
Or, you could use the getAttributes() method of the AttributeContainer() to get a Java array of Attributes to work with as you please.
For the string replace, perhaps you need to try using this format for the search and replace:
var x = "Something";
var y = x.replace(/thing/g,"way");
Also worth checking that the string you're performing the action on is actually a JavaScript string and not a Java string.
Cheers... Jon.
------------------------------
Jon Harry
Consulting IT Security Specialist
IBM
Original Message:
Sent: Thu May 02, 2019 02:27 PM
From: Christophe Agostini
Subject: Secure Federation Mapping Rules : Loop and replace ?
Hi community,
We are currently migrating from ISAM V7 / TFIM V6.2.2 to ISAM V9.0.6 so sorry if the wording is not 100% acurate. Basically I have a a new Module Chain which contains the following modules :
1- Default IVCred Token (mode : validate)
2- Default Map Module (mode : map)
3- Default SAML 2.0 Token (mode : issue)
Basically in the map module, I use a script which search for all attributes in an array
var CredAttrToSearch= ["LIST_OF","ATTRIBUTE"];
var CredAttrFound= {};
for (var i = 0; i < permittedAttrsFromCred.length; i++) {
var vals = stsuu.getAttributeContainer().getAttributeValuesByName(permittedAttrsFromCred[i]);
if (vals != null && vals.length > 0) {
foundAttrs[permittedAttrsFromCred[i]] = vals;
}
}
And then the script clears stsuu and add each element individually. This script is working fine, however I would like to tweak it a little bit and I was not able to find how. I have two questions :
1- I was wondering if I could loop in stsuu attributes without knowing any attribute value in it ?
2- Is there a way to do a replace on a variable ? Right now if I try to do something like :
var x = "Something";
var y = x.replace("thing","way");
I have an immediate error when going through the STS junction.
Thank you very much for your feedback, any input will be highly appreciated.
------------------------------
Christophe Agostini
------------------------------