Showing posts from January, 2011

IdP initiated SAML2 SSO in WebLogic - Passing data from IdP to SP

Pushing custom attributes in a custom AttributeStatement (part of the SAML assertion; see the OASIS SAML2 specification for details) from a WebLogic-based Identity Provider (IdP) to a Service Provider (SP) is not possible in WebLogic 10.3.3. This effectively means that we cannot transfer additional user information (for instance an email address or some token number) as custom SAML2 attributes in the SAML assertion. Here I describe a workaround that lets us pass data (which ideally would travel as an AttributeStatement in the SAML assertion generated at the IdP end) from the WebLogic IdP to any SP in IdP-initiated SSO. To send information from the IdP end to the SP end, we can embed it in the form that is used to hit the initiator servlet, where it is available through a hidden field. Take the following JSP page into consideration (consistent with the discussion at Configuring WebLo
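
A hidden field reaches the SP through the browser and is not covered by the signature on the SAML assertion, so the SP cannot tell whether the value was changed on the way. The following is an added example, not code from the original post or from WebLogic, of authenticating such a value with an HMAC and binding it to the assertion's subject; the class name, token layout, shared key and freshness window are all assumptions.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;
// Added example: class name, token layout and shared key are assumptions, not WebLogic APIs.
public class HiddenFieldToken {
    private static final long MAX_AGE_MS = 120_000; // assumed freshness window
    private static byte[] hmac(byte[] key, String msg) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        return mac.doFinal(msg.getBytes(StandardCharsets.UTF_8));
    }

    // IdP side: hidden-field value = base64url(user|issuedAtMillis|data) "." base64url(tag).
    static String protect(byte[] key, String user, String data, long now) throws Exception {
        String payload = user + "|" + now + "|" + data;
        Base64.Encoder enc = Base64.getUrlEncoder().withoutPadding();
        return enc.encodeToString(payload.getBytes(StandardCharsets.UTF_8))
                + "." + enc.encodeToString(hmac(key, payload));
    }

    // SP side: return the data only if the tag verifies, the embedded user equals the
    // subject of the already-validated SAML assertion, and the token is fresh.
    static String verify(byte[] key, String token, String samlSubject, long now) throws Exception {
        String[] parts = token.split("\\.");
        if (parts.length != 2) throw new SecurityException("malformed token");
        Base64.Decoder dec = Base64.getUrlDecoder();
        String payload = new String(dec.decode(parts[0]), StandardCharsets.UTF_8);
        // MessageDigest.isEqual compares in constant time
        if (!MessageDigest.isEqual(hmac(key, payload), dec.decode(parts[1])))
            throw new SecurityException("bad MAC: field was altered");
        String[] f = payload.split("\\|", 3);
        if (f.length != 3 || !f[0].equals(samlSubject))
            throw new SecurityException("token not issued for this subject");
        long age = now - Long.parseLong(f[1]);
        if (age < 0 || age > MAX_AGE_MS) throw new SecurityException("stale token");
        return f[2];
    }

    public static void main(String[] args) throws Exception {
        byte[] key = "constructed-demo-key-not-for-use".getBytes(StandardCharsets.UTF_8);
        long now = System.currentTimeMillis();
        String token = protect(key, "alice", "alice@example.com", now); // constructed sample values
        System.out.println(verify(key, token, "alice", now + 1000));
        String tampered = (token.charAt(0) == 'A' ? "B" : "A") + token.substring(1);
        try { verify(key, tampered, "alice", now); }
        catch (SecurityException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```

The MAC gives integrity only: the value is still readable in the page source, so anything confidential would also need encryption.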