I am working on integrating Spring saml Extension within ADFS for SSO. I am using ADFS2.0 as the IDP and I have generated meta data for Spring application and imported meta data into ADFS. I will pass email address and display name to spring application.

Here is the claim rule I set in the ADFS.

1 get attributes

c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
 => issue(store = "Active Directory", types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"), query = ";displayName,mail;{0}", param = c.Value);

2 Send email address as name ID

c:[Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"] => issue(Type = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", Issuer = c.Issuer, OriginalIssuer = c.OriginalIssuer, Value = c.Value, ValueType = c.ValueType, Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/format"] = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress");

I can login in the Spring application. In General information, the information is correct. but in Principal's Attributes part. The value of attribute become org.opensaml.xml.schema.impl.XSAnyImpl@5abb6d06 and org.opensaml.xml.schema.impl.XSAnyImpl@46f2d373.

Does anyone know why this happen? and how can I fix it?

Thank you very much.