pm100
Still trying to get SAML working.
I get assertion invalid in login history. The login history entry is associated with the correct user, so it's roughly correct.
<?xml version="1.0" encoding="utf-8"?>
<samlp:Response xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" IssueInstant="2008-09-10T22:17:41.6221441Z" MajorVersion="1" MinorVersion="1" Recipient="http://localhost:9000" ResponseID="7a2adffa-fb5b-470e-8ca9-aae4206f465e" xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol">
<samlp:Status>
<samlp:StatusCode Value="samlp:Success" />
</samlp:Status>
<saml:Assertion AssertionID="1f22e43a-3299-46d4-9510-ba6ebe6235b4" IssueInstant="2008-09-10T22:17:41.6221441Z" MajorVersion="1" MinorVersion="1" Issuer="ent2k3">
<saml:AuthenticationStatement AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password" AuthenticationInstant="2008-09-10T22:17:41.6221441Z">
<saml:Subject>
<saml:NameIdentifier>paulmoore100@hotmail.com</saml:NameIdentifier>
</saml:Subject>
</saml:AuthenticationStatement>
</saml:Assertion>
</samlp:Response>
natemanley
Did you put in a request to have Salesforce enable the SAML SSO for your Organization? The documentation seems to indicate that you only need to request for Delegated Authentication, but I had a conversation with one of the Sales Engineers and he said that this has to be done for SAML SSO as well.
On another note... can you tell me how you are executing your HTTP POST? I am struggling with the concept of how to POST the SAML XML over to Salesforce and execute the redirection of the client as well.