|Applies To||Federated Identity Management Module 2.6|
Federated Identity Management Module 2.5
|Issue||com.rsa.csf.techservice.saml.plugins.SubjectMapperPluginException: local user name attribute value not found in X.509 name: CN=first.last,OU=webusers,DC=test,DC=org|
In the FIM debug log the following exception appears:
A misconfiguration of the subject mapper plugin attribute is the likely cause for this exception.
In order to correct this or similar issues:
Identify the affected plugin. As you can see, the exception in raised within the class highlighted in red in the above section.
That class is used (by default) by the plugin "RSA_ClearTrust_X.509_Subject_Plug-in_RP", as you can see from "Class Name" field in FIM's management GUI (Configure System -> Plugins -> Manage Existing, look at the "Class Name" field for all plugins until you have a match).
Verify that the "ctUidX509RdnAttribute" is set to the correct value. By default this attribute is set to "uid". For the subject line
to be parsed correct this would need to be changed to "CN", for example ctUidX509RdnAttribute=cn
|Legacy Article ID||a34116|