function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
IndeevarIndeevar 

Security concerns for implementing Single Sign On

Hi
We are planning to implement Single Sign On using Delegated Authentication Model that is described in
the SFDC wiki.Link given below.
 

http://wiki.apexdevnet.com/index.php/How_to_Implement_Single_Sign-On_with_Salesforce.com

 

As per the standard implementation of SSO for SFDC, we will have to write a authentication web service which

the SFDC will call if the login user profile is enabled for SSO. But in this implementation the SFDC log in page

will come up always.

 

--> If we go with this implementation will the SFDC get access to Network credentials by any chance? This is the key requirements

for us that SFDC should not have access to NT ID and Password by any chance.

--> Where will the mapping between SFDC Login and NT ID maintained?

--> Also is there a way to implement SSO with out having the user go to SFDC Login page?

 

Any help on this is appreciated.