Sign Up ›
  • OpenStreetMap
  • NEWBIE
  • 0 Points
  • Member since 2013
  • Chatter
    Feed
  • 0
    Best Answers
  • 2
    Likes Received
  • 0
    Likes Given
  • 6
    Questions
  • 10
    Replies
0 replies

SSO Failed -Unable to map the subject to a Salesforce.com user

Hi All, 
Kindly find the below mentioned SAML which I am using but single sign on is not working . Kindly help .

<samlp:Response Version="2.0"
                ID="atsgDlVF49Jc1GuqKjymWtqF5V9"
                IssueInstant="2014-07-01T08:43:18.230Z"
                Destination="https://myphilips--B2CRnD.cs17.my.salesforce.com/"
                xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                >
    <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://login.tst.sso.philips.com</saml:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
            <ds:Reference URI="#atsgDlVF49Jc1GuqKjymWtqF5V9">
                <ds:Transforms>
                    <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
                <ds:DigestValue>1itIE21Ig6Q0RnsaWBBdYfRbBc/n35jYZHhEmZDDdgc=</ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>
hUbrbfYjCpH8ZnTEIPGQB1yCvuSsDOJoPiiebTm0oTRab3fMxMCx90VpX272Xnrk2Iy6P9BYLA3Y
pOBNiql/eBGgXzYtUjKpZ/uaxoWzQtZ1x4/PAKbOCLISi75kTK0ODvvvfKV7EbgS9SAz9koXjx3B
goDr7wxRD2MuQs4xL9C8Grk2t4hKEZWD0FDR3RZp10uWEuu28bO1lNlIks0fYWEQb1kmP8xKUNJY
1Ach4MzuK6ntv7vvlz1eDxOiCQeQcxWVix+Db3faB5UyLZeKx/Lez3oUMrFVIYE0MmUbFn52GTyH
//2p1MbhCFubjbnigWY9aTxW66+Nbro4FOnIqQ==
</ds:SignatureValue>
    </ds:Signature>
    <samlp:Status>
        <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />
    </samlp:Status>
    <saml:Assertion ID="hWg5-LKaznAbTRBsFw_LZVsZwBm"
                    IssueInstant="2014-07-01T08:43:18.298Z"
                    Version="2.0"
                    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                    >
        <saml:Issuer>https://login.tst.sso.philips.com</saml:Issuer>
        <saml:Subject>
            <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">310132244</saml:NameID>
            <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                <saml:SubjectConfirmationData Recipient="https://myphilips--B2CRnD.cs17.my.salesforce.com/"
                                              NotOnOrAfter="2014-07-01T08:48:18.298Z"
                                              />
            </saml:SubjectConfirmation>
        </saml:Subject>
        <saml:Conditions NotBefore="2014-07-01T08:38:18.298Z"
                         NotOnOrAfter="2014-07-01T08:48:18.298Z"
                         >
            <saml:AudienceRestriction>
                <saml:Audience>myphilips--B2CRnD.cs17.my.salesforce.com</saml:Audience>
            </saml:AudienceRestriction>
        </saml:Conditions>
        <saml:AuthnStatement SessionIndex="hWg5-LKaznAbTRBsFw_LZVsZwBm"
                             AuthnInstant="2014-07-01T08:43:18.298Z"
                             >
            <saml:AuthnContext>
                <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:SoftwarePKI</saml:AuthnContextClassRef>
            </saml:AuthnContext>
        </saml:AuthnStatement>
    </saml:Assertion>
</samlp:Response>



Regards,
Neha
1 replies

Salesforce Callout Exception -'handshaking failed'

while making http callout from SFDC to External Sys retuns-'Handshaking failed' and in client side, req is failing at blue coat firewall error-'EXCEPTION(ssl_client_cert_untrusted_issuer)' .We gave SFDC self signed cert to client . Do we have to provide CA cert or issue is something else' .

REgards,
Neha
6 replies

Federated SAML SSO

HI All,

 

we are using ping identity provider for SSO . it would be great if you can answer some of my question :

 

1.)    For SAML SSO configurations, which SAML profiles and bindings will be used (e.g. SP-Initiated-SSO-Post-Post etc.)

2.)    Does SFDC integration needs any back-channel communication ? (e.g. Artifact resolution or other SOAP communication)

3.)   Need set of user attributes that  IdP need to send in an assertion to SFDC .

4.)  How sandbox SSO configuration is defined - Does it rely on PROD Federation setup or do we need to configure new dedicated Federation setup with each QA, Test, Dev sandbox .

5.) In identity provider side do we have to  set up IDP Role and SP role both for SSO outlook integration ?

 

Regards,

Neha

1 replies

Bulk API request using access token

Hi All,

 

I am using access token for bulk api request

 

req.setHeader('Authorization', 'OAuth 00D90000000nOZP!ARwAQJ6Y9P_fWr173CV5ezq9.DX_dVeyHh6U.k5Tr_WYbPqPf4YDYMASZaJzbNChthWuM1f9QF0vsVZufAJdv1JRIdODmy2i'
    );

 

It is returning invalid session id . Cannot we use access token instead of session id in bulk request .

 

Regards,

Neha

SOLVED
5 replies

Hi All,

I am trying to integrate OpenStreet Map with in Visualforce page . For that I have created Oauth setting in OpenStreet Map . Now Can somedody tell me how can I call that map inside visualforce.

 

Regards,

Neha

1 replies

Salesforce Callout Exception -'handshaking failed'

while making http callout from SFDC to External Sys retuns-'Handshaking failed' and in client side, req is failing at blue coat firewall error-'EXCEPTION(ssl_client_cert_untrusted_issuer)' .We gave SFDC self signed cert to client . Do we have to provide CA cert or issue is something else' .

REgards,
Neha
6 replies

Federated SAML SSO

HI All,

 

we are using ping identity provider for SSO . it would be great if you can answer some of my question :

 

1.)    For SAML SSO configurations, which SAML profiles and bindings will be used (e.g. SP-Initiated-SSO-Post-Post etc.)

2.)    Does SFDC integration needs any back-channel communication ? (e.g. Artifact resolution or other SOAP communication)

3.)   Need set of user attributes that  IdP need to send in an assertion to SFDC .

4.)  How sandbox SSO configuration is defined - Does it rely on PROD Federation setup or do we need to configure new dedicated Federation setup with each QA, Test, Dev sandbox .

5.) In identity provider side do we have to  set up IDP Role and SP role both for SSO outlook integration ?

 

Regards,

Neha

SOLVED
5 replies

Hi All,

I am trying to integrate OpenStreet Map with in Visualforce page . For that I have created Oauth setting in OpenStreet Map . Now Can somedody tell me how can I call that map inside visualforce.

 

Regards,

Neha

3 replies

SAML and Oauth SSO - Outlook plugin and Ping Federate

I'm trying to get SSO working with mobile and the Outlook plugin. We're using Ping Federate for our idp. The wiki documentation states that all Salesforce needs is to be passed the RelayState parameter. Does anyone know what's involved to get this working? For whatever reason, RelayState is not coming back as a parameter with the SAML assertion.  I have our idp URL set in the "IDP Login URL" field in the Salesforce SSO settings, and I can tell during the redirect that RelayState is getting passed from Salesforce.

 

Has anyone gotten this working with Ping?

9 replies

Bulk API and OAuth 2 question....

Can an OAuth access token be used instead of the session id for the Bulk API?

Thanks,

Roger