Service Provider Facilities - Remote ID

Document ID : KB000117753
Last Modified Date : 18/10/2018
Show Technical Document Details
Question:
We're running CA Single Sign-On 12.52SP1CR02 and we'd like to know if
we can use CA Single Sign-On as SP, and as such, if being an SP it
can generates Authnrequest with Subject tag as :

  <saml:Subject> 
  <saml:NameID>jepm</saml:NameID> 
  </saml:Subject> 

Is it supported to send Authnrequest containing this Subject tag ?
Environment:
Policy Server and CA Access Gateway 12.8
Answer:
There are no support for saml:Subject 
in the Authnrequest. 

By this Enhancement Request, this seems not to work completely and the 
NameID is mapped once the assertion get generated only. 

AuthnRequest Subject element handling 
https://communities.ca.com/ideas/235724331-authnrequest-subject-element-handling 

So said, we invite you to do the same and post and Idea on the 
Security Page. 

1. Go to the CA Security Overview Page : 
https://communities.ca.com/community/ca-security/ca-single-sign-on 
2. Click on the "Actions" drop-down menu and select "Create an 
idea." 
3. Give your idea a title and detailed description to encourage 
voting. 
4. Publish and vote on your idea!