55.6 Validating Identity Context

You can validate that Identity Context is operating correctly with Access Manager.

To validate your Identity Context operations:

  1. Perform the following to validate the Identity Assertion response that Access Manager is constructing.

    1. Configure Access Manager to protect the /testidc resource with a WebGate agent and return the Identity Assertion with the desired Asserted Attributes as part of the Authorization response.

    2. Use the OAM Tester to validate that the Identity Assertion is returned as an OAM_IDENTITY_ASSERTION attribute in response to the authorization request for /testidc.

  2. Perform the following to validate that WebGate is creating an HTTP header that contains the Identity Assertion.

    1. Ensure the /cgi-bin/printenv.pl script is protected by the same policy that protects the /testidc resource.

      Note:

      printenv.pl ships as part of OHS and must have permission to execute. Any script to display header information can be used instead.

    2. Access printenv.pl to trigger a login and display the HTTP headers.

    3. Ensure that the HTTP_OAM_IDENTITY_ASSERTION header contains a SAML token with Asserted Attributes.
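The check in the last step can be scripted against saved printenv.pl output. The following is an added example, not Oracle code: it assumes the script prints NAME="value" lines with inner quotes backslash-escaped, that the header value is either raw or base64-encoded SAML XML, and it uses constructed attribute names and sample data.

```python
import base64
import binascii
import re
import xml.etree.ElementTree as ET

HEADER = "HTTP_OAM_IDENTITY_ASSERTION"
# Constructed sample assertion; the attribute names are placeholders, not real claim names.
SAMPLE_XML = (
    '<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"><saml:AttributeStatement>'
    '<saml:Attribute Name="example:claims:authn-level"><saml:AttributeValue>2</saml:AttributeValue></saml:Attribute>'
    '<saml:Attribute Name="example:claims:risk-score"><saml:AttributeValue>10</saml:AttributeValue></saml:Attribute>'
    '</saml:AttributeStatement></saml:Assertion>')
SAMPLE_PRINTENV = ('HTTP_HOST="app.example.com"\n' + HEADER + '="'
                   + base64.b64encode(SAMPLE_XML.encode()).decode() + '"\n')

def extract_header(printenv_text, name=HEADER):
    """Return the value printed for `name` (NAME="value" or NAME=value), or None."""
    m = re.search(r'^%s\s*=\s*"?(.*?)"?\s*$' % re.escape(name), printenv_text, re.M)
    return m.group(1) if m else None

def decode_assertion(value):
    """Return the assertion XML; accepts raw XML or base64-encoded XML (assumption)."""
    text = value.replace('\\"', '"').strip()
    if not text.startswith("<"):
        try:
            text = base64.b64decode(text, validate=True).decode("utf-8")
        except (binascii.Error, UnicodeDecodeError) as exc:
            raise ValueError("header value is neither XML nor base64 XML") from exc
    # The header arrives over HTTP, so refuse DTDs before handing it to the parser.
    if "<!DOCTYPE" in text or "<!ENTITY" in text:
        raise ValueError("DTD not allowed in an assertion")
    return text

def asserted_attributes(xml_text):
    """Map attribute name -> values for every SAML Attribute element (SAML 1.x or 2.0)."""
    local = lambda el: el.tag.rsplit("}", 1)[-1]
    attrs = {}
    for el in ET.fromstring(xml_text).iter():
        if local(el) == "Attribute":
            name = el.get("Name") or el.get("AttributeName")
            attrs[name] = [(v.text or "").strip() for v in el if local(v) == "AttributeValue"]
    return attrs

def validate(printenv_text, expected):
    """Return the expected attribute names that the assertion does not carry."""
    value = extract_header(printenv_text)
    if value is None:
        raise LookupError(HEADER + " not present in the request headers")
    return sorted(set(expected) - set(asserted_attributes(decode_assertion(value))))
```

An empty list from `validate` means every expected Asserted Attribute is present; the script checks content only and does not verify the assertion's signature.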