pm100

Still trying to get SAML working

I get "assertion invalid" in login history. The login history entry is associated with the correct user, so it's roughly correct.
 
<?xml version="1.0" encoding="utf-8"?>
<samlp:Response xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" IssueInstant="2008-09-10T22:17:41.6221441Z" MajorVersion="1" MinorVersion="1" Recipient="http://localhost:9000" ResponseID="7a2adffa-fb5b-470e-8ca9-aae4206f465e" xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol">
  <samlp:Status>
    <samlp:StatusCode Value="samlp:Success" />
  </samlp:Status>
  <saml:Assertion AssertionID="1f22e43a-3299-46d4-9510-ba6ebe6235b4" IssueInstant="2008-09-10T22:17:41.6221441Z" MajorVersion="1" MinorVersion="1" Issuer="ent2k3">
    <saml:AuthenticationStatement AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password" AuthenticationInstant="2008-09-10T22:17:41.6221441Z">
      <saml:Subject>
        <saml:NameIdentifier>paulmoore100@hotmail.com</saml:NameIdentifier>
      </saml:Subject>
    </saml:AuthenticationStatement>
  </saml:Assertion>
</samlp:Response>
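
An added example (not part of the thread, and not Salesforce's validation logic): a structural pre-check for a SAML 1.1 response of the shape posted above, run before sending it to a service provider. The checks are assumptions drawn from the SAML 1.1 Browser/POST profile; `check_response`, the finding labels, the sample identifiers and `https://sp.example/acs` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:1.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:1.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample: same shape as the posted response, placeholder identifiers.
SAMPLE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" MajorVersion="1" MinorVersion="1"
    Recipient="http://localhost:9000" ResponseID="constructed-response-id"
    IssueInstant="2008-09-10T22:17:41Z">
  <samlp:Status><samlp:StatusCode Value="samlp:Success"/></samlp:Status>
  <saml:Assertion AssertionID="constructed-assertion-id" Issuer="idp.example"
      MajorVersion="1" MinorVersion="1" IssueInstant="2008-09-10T22:17:41Z">
    <saml:AuthenticationStatement AuthenticationInstant="2008-09-10T22:17:41Z"
        AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password">
      <saml:Subject><saml:NameIdentifier>user@example.com</saml:NameIdentifier></saml:Subject>
    </saml:AuthenticationStatement>
  </saml:Assertion>
</samlp:Response>"""

def check_response(xml_text, expected_recipient):
    """Structural findings only; this does not verify any signature value."""
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}Response" % NS["samlp"]:
        return ["not-a-saml11-response"]
    findings = []
    # Recipient should be the service provider's assertion consumer URL.
    if root.get("Recipient") != expected_recipient:
        findings.append("recipient-mismatch")
    # Assumption: a signature on the Response or on an Assertion counts as signed.
    signed = root.find("ds:Signature", NS) is not None
    assertions = root.findall("saml:Assertion", NS)
    if not assertions:
        findings.append("no-assertion")
    for assertion in assertions:
        signed = signed or assertion.find("ds:Signature", NS) is not None
        cond = assertion.find("saml:Conditions", NS)
        if cond is None or not (cond.get("NotBefore") and cond.get("NotOnOrAfter")):
            findings.append("no-validity-window")
        for subject in assertion.iter("{%s}Subject" % NS["saml"]):
            if subject.find("saml:SubjectConfirmation/saml:ConfirmationMethod", NS) is None:
                findings.append("no-subject-confirmation")
    if not signed:
        findings.append("unsigned")
    return findings

if __name__ == "__main__":
    for finding in check_response(SAMPLE, "https://sp.example/acs"):
        print(finding)
```

Passing these checks says nothing about whether a signature is cryptographically valid; that requires an XML-DSig library and the identity provider's certificate.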
natemanley
Did you put in a request to have Salesforce enable the SAML SSO for your Organization? The documentation seems to indicate that you only need to make a request for Delegated Authentication, but I had a conversation with one of the Sales Engineers and he said that this has to be done for SAML SSO as well.
 
On another note... can you tell me how you are executing your HTTP POST? I am struggling with the concept of how to POST the SAML XML over to Salesforce and execute the redirection of the client as well.