• Rest API Integration

I have created a task in my org with subject "Email Task"

I have written apex code as

    public class TaskInfoDAOClass
    {
        public static List<Task> queryTaskInfo()
        {
            Integer count = [SELECT count() FROM Task];
            System.debug('Row Count :' + count);
            List<Task> tasks = [SELECT Task.Id, Task.AccountId, Task.Status, Task.Account.Name FROM Task WHERE Task.Subject = 'Email Task'];
            return tasks;
        }
    }

I have created one test class to test apex code as

    @isTest
    public class TestTaskInfoDAO
    {
        public static testMethod void testQueryTaskInfo()
        {
            List<Task> tasks = TaskInfoDAOClass.queryTaskInfo();
            System.debug('this is a debug statement');

            for (Task t : tasks)
            {
                System.debug('Status ' + t.Status);
                System.debug('Account name ' + t.Account.Name);
            }
        }
    }

When I run this test I am getting 0 as the row count. Please refer to the apex.log file:

    24.0 APEX_CODE,FINE;APEX_PROFILING,FINE;DB,INFO;VALIDATION,INFO;WORKFLOW,FINEST
    23:48:30.100 (100678000)|EXECUTION_STARTED
    23:48:30.100 (100722000)|CODE_UNIT_STARTED|[EXTERNAL]|01p90000000k5Qw|TestTaskInfoDAO.testQueryTaskInfo
    23:48:30.101 (101272000)|METHOD_ENTRY|[2]|01p90000000k5Qw|TestTaskInfoDAO.TestTaskInfoDAO()
    23:48:30.101 (101414000)|METHOD_EXIT|[2]|TestTaskInfoDAO
    23:48:30.101 (101494000)|METHOD_ENTRY|[1]|01p90000000k5Qr|TaskInfoDAOClass.TaskInfoDAOClass()
    23:48:30.101 (101513000)|METHOD_EXIT|[1]|TaskInfoDAOClass
    23:48:30.101 (101782000)|METHOD_ENTRY|[6]|01p90000000k5Qr|TaskInfoDAOClass.queryTaskInfo()
    23:48:30.102 (102176000)|SOQL_EXECUTE_BEGIN|[5]|Aggregations:0|select count() from Task
    23:48:30.106 (106893000)|SOQL_EXECUTE_END|[5]|Rows:0
    23:48:30.106 (106965000)|SYSTEM_METHOD_ENTRY|[6]|String.valueOf(Object)
    23:48:30.107 (107012000)|SYSTEM_METHOD_EXIT|[6]|String.valueOf(Object)
    23:48:30.107 (107032000)|SYSTEM_METHOD_ENTRY|[6]|System.debug(ANY)
    23:48:30.107 (107040000)|USER_DEBUG|[6]|DEBUG|Row Count :0
    23:48:30.107 (107047000)|SYSTEM_METHOD_EXIT|[6]|System.debug(ANY)
    23:48:30.107 (107385000)|SOQL_EXECUTE_BEGIN|[9]|Aggregations:0|select Task.Id, Task.AccountId, Task.Status, Task.Account.Name from Task where Task.Subject = 'Email Task'
    23:48:30.109 (109847000)|SOQL_EXECUTE_END|[9]|Rows:0
    23:48:30.109 (109930000)|METHOD_EXIT|[6]|01p90000000k5Qr|TaskInfoDAOClass.queryTaskInfo()
    23:48:30.110 (110074000)|USER_DEBUG|[7]|DEBUG|this is a debug statement
    23:48:30.789 (111361000)|CUMULATIVE_LIMIT_USAGE
    23:48:30.789|LIMIT_USAGE_FOR_NS|(default)|
      Number of SOQL queries: 2 out of 100
      Number of query rows: 0 out of 50000
      Number of SOSL queries: 0 out of 20
      Number of DML statements: 0 out of 150
      Number of DML rows: 0 out of 10000
      Number of script statements: 7 out of 200000
      Maximum heap size: 0 out of 6000000
      Number of callouts: 0 out of 10
      Number of Email Invocations: 0 out of 10
      Number of fields describes: 0 out of 100
      Number of record type describes: 0 out of 100
      Number of child relationships describes: 0 out of 100
      Number of picklist describes: 0 out of 100
      Number of future calls: 0 out of 10

    23:48:30.789|TOTAL_EMAIL_RECIPIENTS_QUEUED|0
    23:48:30.789|STATIC_VARIABLE_LIST|
      double:MAX_VALUE:0
      long:serialVersionUID:0
        int:MAX_EXPONENT:0
        int:MIN_EXPONENT:0
        Boolean:TRUE:0
        long:serialVersionUID:0
        double:POSITIVE_INFINITY:0
        double:MIN_NORMAL:0
        double:MIN_VALUE:0
        Boolean:FALSE:0
        int:SIZE:0
        char[]:DigitOnes:0
        int[]:sizeTable:0
        char[]:DigitTens:0
        double:NaN:0
        int:MAX_VALUE:0
        char[]:digits:0
        long:serialVersionUID:0
        double:NEGATIVE_INFINITY:0
        int:MIN_VALUE:0
        int:SIZE:0

    23:48:30.789|CUMULATIVE_LIMIT_USAGE_END

    23:48:30.111 (111444000)|CODE_UNIT_FINISHED|TestTaskInfoDAO.testQueryTaskInfo
    23:48:30.111 (111452000)|EXECUTION_FINISHED
    23:48:30.999|CUMULATIVE_PROFILING_BEGIN
    23:48:30.999|CUMULATIVE_PROFILING|SOQL operations|
      Class.TaskInfoDAOClass.queryTaskInfo: line 5, column 1: [SELECT count() FROM Task]: executed 1 time in 5 ms
      Class.TaskInfoDAOClass.queryTaskInfo: line 9, column 1: [SELECT Task.Id,Task.AccountId,Task.Status,Task.Account.Name FROM Task where Task.Subject='Email Task']: executed 1 time in 3 ms

    23:48:30.999|CUMULATIVE_PROFILING|No profiling information for SOSL operations
    23:48:30.999|CUMULATIVE_PROFILING|No profiling information for DML operations
    23:48:30.999|CUMULATIVE_PROFILING|method invocations|
      External entry point: public static testMethod void testQueryTaskInfo(): executed 1 time in 11 ms
      Class.TestTaskInfoDAO.testQueryTaskInfo: line 6, column 1: public static LIST<Task> queryTaskInfo(): executed 1 time in 8 ms
      Class.TestTaskInfoDAO.testQueryTaskInfo: line 9, column 1: global object iterator(): executed 2 times in 1 ms
      Class.TaskInfoDAOClass.queryTaskInfo: line 6, column 1: global public static String valueOf(Object): executed 2 times in 0 ms
      Class.TestTaskInfoDAO.testQueryTaskInfo: line 7, column 1: global public static void debug(ANY): executed 1 time in 0 ms

    23:48:30.999|CUMULATIVE_PROFILING_END

Why am I getting 0 as the row count?

I have created a remote application in Salesforce. I am testing an assertion for this application, but I am not able to see logs for it.

Is there any way to see logs for the error message?

I am trying to do "SAML 2.0 Bearer Assertion for SalesForce"

I am getting {"error":"invalid_grant","error_description":"invalid assertion"}

Is there any way to validate bearer assertion at salesforce?

I did the following in my code:

    String environment = "https://login.salesforce.com/services/oauth2/token";
    HttpClient httpclient = new HttpClient();
    PostMethod post = new PostMethod(environment);
    post.addParameter("grant_type", "urn:ietf:params:oauth:grant-type:saml2-bearer");
    post.addParameter("client_id","3MVG9Y6d_Btp4xp7hhxW8OtuTagu9IvM6pZ9WwW6ODSVU.4Qp8vV0XB2i0sQ0mfVWCopKNdHkJqxE16Eeonz_");
    post.addParameter("client_assertion_type","urn:ietf:params:oauth:client-assertion-type:saml2-bearer");
    post.addParameter("client_assertion", Base64.encode(samlResponse.getBytes()));

 

Generated assertion XML:

    <Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="s2a6a5c4dd18e257c56c4d17b1d894ea8d23151fd6" IssueInstant="2012-03-13T10:25:44Z" Version="2.0">
    <Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">3MVG9Y6d_Btp4xp7hhxW8OtuTagu9IvM6pZ9WwW6ODSVU.4Qp8vV0XB2i0sQ0mfVWCopKNdHkJqxE16Eeonz_</Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    <ds:SignedInfo>
    <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
    ........</ds:Signature><Subject>
    <NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">deepak.mule@vertex.co.in</NameID><SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
    <SubjectConfirmationData NotOnOrAfter="2012-03-13T10:26:44Z" Recipient="https://login.salesforce.com/services/oauth2/token"/></SubjectConfirmation>
    </Subject><Conditions>
    <AudienceRestriction>
    <Audience>https://saml.salesforce.com</Audience>
    </AudienceRestriction>
    </Conditions>
    <AuthnStatement AuthnInstant="2012-03-13T10:25:44Z"><AuthnContext><AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:X509</AuthnContextClassRef></AuthnContext></AuthnStatement></Assertion>

Is there anything missing?

I have created a SAML assertion with reference to the link http://tools.ietf.org/html/draft-ietf-oauth-saml2-bearer-10

I referred to the https://login.salesforce.com/help/doc/en/remoteaccess_oauth_SAML_bearer_flow.htm link.

According to the above link I did the following:

  • Organization creates a Remote Access OAuth Consumer -- created a Remote Access application with the following details:

Callback URL: https://test.salesforce.com/services/oauth2/success -- as I am accessing this from a standalone class

I checked: No user approval required for users in this organization

I uploaded a certificate; I used the same certificate for signing the assertion I created.

  • Organization writes an application that generates a SAML token

For this I made a POST call to

URL: https://login.salesforce.com/services/oauth2/authorize

and data:

    post.addParameter("client_id","3MVG9Y6d_Btp4xp7hhxW8OtuTagu9IvM6pZ9WwW6ODSVU.4Qp8vV0XB2i0sQ0mfVWCopKNdHkJqxE16Eeonz_");
    post.addParameter("client_assertion_type","urn:ietf:params:oauth:assertion_type:saml2-bearer");
    post.addParameter("client_assertion", Base64.encode(samlResponse.getBytes()));

With the above data I am getting the error message:

( error=unsupported_response_type&error_description=response%20type%20not%20supported)

In the reference link it is mentioned:

client_assertion_type: The format of the assertion as defined by the authorization server. The value MUST be an absolute URL

I am confused about this part. Is the data I used valid?


I am trying to do "SAML 2.0 Bearer Assertion for SalesForce"

I am getting {"error":"invalid_grant","error_description":"invalid assertion"}

Is there any way to validate bearer assertion at salesforce?

I did following in my code

    String environment = "https://login.salesforce.com/services/oauth2/token?saml=MgoTx78aEPRbRaz0CkRqjaqrhP3sCa7w7.Y5wbrpGMNT07zKRYwcNWf0zs";
    Map<String, String> map = new HashMap<String, String>();
    HttpClient httpclient = new HttpClient();
    PostMethod post = new PostMethod(environment);
    post.addParameter("grant_type", "urn:ietf:params:oauth:grant-type:saml2-bearer");
    post.addParameter("client_assertion", Base64.encode(samlResponse.getBytes()));
    post.addParameter("client_assertion_type","urn:ietf:params:oauth:client_assertion_type:saml2-bearer");

    post.addParameter("format", "json");
    String accessToken = null;
    String instanceUrl = null;
    try {
        httpclient.executeMethod(post);
        JSONObject authResponse = new JSONObject(new JSONTokener(new InputStreamReader(post.getResponseBodyAsStream())));
        System.out.println(authResponse.toString());
    } catch (Exception e) {
        e.printStackTrace();
    } finally {
        post.releaseConnection();
    }

 

I have generated the following assertion:

    <saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="s2d3a451cf30560ca819118cf5785e722ea6da7b64" IssueInstant="2012-03-06T12:34:13Z"
    Version="2.0">
    <saml:Issuer>http://localhost:8080/opensso
    </saml:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    <ds:SignedInfo>
    <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
    <ds:Reference URI="#s2d3a451cf30560ca819118cf5785e722ea6da7b64">
    <ds:Transforms>
    <ds:Transform
    Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
    </ds:Transforms>
    <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
    <ds:DigestValue>seHyxsFzsHCs0GaY7usF0DfMV58=
    </ds:DigestValue>
    </ds:Reference>
    </ds:SignedInfo>
    <ds:SignatureValue> signature.....</ds:SignatureValue>
    <ds:KeyInfo>
    <ds:X509Data>
    <ds:X509Certificate> certificate.....</ds:X509Certificate>
    </ds:X509Data>
    </ds:KeyInfo>
    </ds:Signature>
    <saml:Subject>
    <saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
    NameQualifier="http://localhost:8080/opensso" SPNameQualifier="https://saml.salesforce.com">deepakmule</saml:NameID>
    <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
    <saml:SubjectConfirmationData
    NotOnOrAfter="2012-03-06T12:44:13Z"
    Recipient="https://login.salesforce.com/?saml=MgoTx78aEPRbRaz0CkRqjaqrhP3sCa7w7.Y5wbrpGMNT07zKRYwcNWf0zs" />
    </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2012-03-06T12:34:13Z"
    NotOnOrAfter="2012-03-06T12:44:13Z">
    <saml:AudienceRestriction>
    <saml:Audience>https://saml.salesforce.com</saml:Audience>
    </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2012-03-06T12:34:13Z"
    SessionIndex="s27fb03a2b73bd8dc6846851bed7885b85e1d9ed6f">
    <saml:AuthnContext>
    <saml:AuthnContextClassRef> urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
    </saml:AuthnContextClassRef>
    </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
    <saml:Attribute Name="userid">
    <saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">deepakmule</saml:AttributeValue>
    </saml:Attribute>
    </saml:AttributeStatement>
    </saml:Assertion>


I have configured the OpenSSO-client.war SDK. Using this I am able to get a SAML assertion. But when I exchange this SAML assertion with SalesForce I get the following error message.

    Auth response: {"error":"invalid_grant","error_URI":"https://na7.salesforce.comnull/setup/secur/SAMLValidationPage.apexp","error_description":"invalid assertion"}

When I validate the SAML assertion with SalesForce at https://deepak-developer-edition.my.salesforce.com/setup/secur/SAMLValidationPage.apexp I get the exception:

    Unable to parse the response: Expect Root element is "Response"[saml:Assertion: null]

Do I need to convert this SAML assertion to a response?
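
Added example (not part of the posts above, and not Salesforce or OpenSSO code): a Python pre-flight check for the structural points the bearer-assertion draft linked above asks of an assertion (Issuer, a signature, an Audience, a bearer SubjectConfirmation whose Recipient is the token endpoint, an unexpired NotOnOrAfter), which bears on both `invalid assertion` questions above. `lint_bearer_assertion` and `sample` are hypothetical names, the sample assertion is constructed, and the endpoint and audience values are simply the ones used in the posts; what Salesforce itself enforces is not stated on this page.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
NS = {"saml": SAML, "ds": "http://www.w3.org/2000/09/xmldsig#"}
BEARER = "urn:oasis:names:tc:SAML:2.0:cm:bearer"
TOKEN_URL = "https://login.salesforce.com/services/oauth2/token"  # as in the posts
AUDIENCE = "https://saml.salesforce.com"  # as in the posts


def _expired(stamp, now):
    """True if a SAML UTC timestamp such as 2012-03-13T10:26:44Z is <= now."""
    return datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc) <= now


def lint_bearer_assertion(xml_text, token_endpoint, audience, now):
    """List structural problems; signature presence is checked, not validity."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        return ["not well-formed XML: %s" % exc]
    if root.tag != "{%s}Assertion" % SAML:
        return ["root is %r, not Assertion in the SAML 2.0 namespace" % root.tag]
    problems = []
    for path in ("saml:Issuer", "ds:Signature"):
        if root.find(path, NS) is None:
            problems.append("%s missing" % path)
    audiences = [(a.text or "").strip() for a in root.findall(
        "saml:Conditions/saml:AudienceRestriction/saml:Audience", NS)]
    if audience not in audiences:
        problems.append("Audience %r not among %r" % (audience, audiences))
    conditions = root.find("saml:Conditions", NS)  # expiry may sit here, on bearer data, or both
    expiries = [conditions.get("NotOnOrAfter")] if conditions is not None else []
    recipients = []
    for conf in root.findall("saml:Subject/saml:SubjectConfirmation", NS):
        data = conf.find("saml:SubjectConfirmationData", NS)
        if conf.get("Method") == BEARER and data is not None:
            recipients.append(data.get("Recipient"))
            expiries.append(data.get("NotOnOrAfter"))
    expiries = [e for e in expiries if e]
    if not recipients:
        problems.append("no bearer SubjectConfirmation with SubjectConfirmationData")
    elif token_endpoint not in recipients:
        problems.append("Recipient %r is not the token endpoint" % recipients)
    if not expiries:
        problems.append("no NotOnOrAfter on Conditions or SubjectConfirmationData")
    try:
        if any(_expired(e, now) for e in expiries):
            problems.append("NotOnOrAfter %r has already passed" % expiries)
    except ValueError:
        problems.append("unparseable NotOnOrAfter in %r" % expiries)
    return problems


def sample(method=BEARER, recipient=TOKEN_URL, prefix="saml:"):
    """Constructed test assertion; the signature element is an empty placeholder."""
    return (
        '<{p}Assertion xmlns:saml="{ns}" ID="_c1" Version="2.0" IssueInstant="2012-03-13T10:25:44Z">'
        '<{p}Issuer>example-issuer</{p}Issuer><ds:Signature xmlns:ds="{ds}"/>'
        '<{p}Subject><{p}SubjectConfirmation Method="{m}"><{p}SubjectConfirmationData'
        ' NotOnOrAfter="2012-03-13T10:26:44Z" Recipient="{r}"/></{p}SubjectConfirmation>'
        '</{p}Subject><{p}Conditions><{p}AudienceRestriction><{p}Audience>{a}'
        '</{p}Audience></{p}AudienceRestriction></{p}Conditions></{p}Assertion>'
    ).format(p=prefix, ns=SAML, ds=NS["ds"], m=method, r=recipient, a=AUDIENCE)


if __name__ == "__main__":
    clock = datetime(2012, 3, 13, 10, 26, tzinfo=timezone.utc)  # constructed
    print(lint_bearer_assertion(sample(prefix=""), TOKEN_URL, AUDIENCE, clock))
```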


I have included the SAML assertion.

SAML assertion received by OpenAM from client SDK

 

<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="uuid-2f287f2d-4fea-47de-9253-669b48b8fc1f" IssueInstant="2012-02-20T06:05:48Z"
    Version="2.0">
    <saml:Issuer>SunSTS</saml:Issuer>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
            <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
            <ds:Reference URI="#uuid-2f287f2d-4fea-47de-9253-669b48b8fc1f">
                <ds:Transforms>
                    <ds:Transform
                        Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
                </ds:Transforms>
                <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
                <ds:DigestValue>8OQUfcSQLKXiTi4LCBZamvK0xsk=
                </ds:DigestValue>
            </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>
            My1X6YPsaO08LJIT+0symAQEWvhfZqFxUuiHwJSGOvWVoHWbPQ//z74+oiM7iAEZTHc20NaMhJkC
            jaek0bvd+HNV/n52FX3D0mw1mMvVxqKzVnAI/WNBUrvi5MJ5uSnRxEfW9pYdGnU6J4gF1ArbMZji
            McUZCpxdQ5YO/T5dWDo=
        </ds:SignatureValue>
        <ds:KeyInfo>
            <ds:X509Data>
                <ds:X509Certificate>
                    MIICQDCCAakCBEeNB0swDQYJKoZIhvcNAQEEBQAwZzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNh
                    bGlmb3JuaWExFDASBgNVBAcTC1NhbnRhIENsYXJhMQwwCgYDVQQKEwNTdW4xEDAOBgNVBAsTB09w
                    ZW5TU08xDTALBgNVBAMTBHRlc3QwHhcNMDgwMTE1MTkxOTM5WhcNMTgwMTEyMTkxOTM5WjBnMQsw
                    CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEUMBIGA1UEBxMLU2FudGEgQ2xhcmExDDAK
                    BgNVBAoTA1N1bjEQMA4GA1UECxMHT3BlblNTTzENMAsGA1UEAxMEdGVzdDCBnzANBgkqhkiG9w0B
                    AQEFAAOBjQAwgYkCgYEArSQc/U75GB2AtKhbGS5piiLkmJzqEsp64rDxbMJ+xDrye0EN/q1U5Of+
                    RkDsaN/igkAvV1cuXEgTL6RlafFPcUX7QxDhZBhsYF9pbwtMzi4A4su9hnxIhURebGEmxKW9qJNY
                    Js0Vo5+IgjxuEWnjnnVgHTs1+mq5QYTA7E6ZyL8CAwEAATANBgkqhkiG9w0BAQQFAAOBgQB3Pw/U
                    QzPKTPTYi9upbFXlrAKMwtFf2OW4yvGWWvlcwcNSZJmTJ8ARvVYOMEVNbsT4OFcfu2/PeYoAdiDA
                    cGy/F2Zuj8XJJpuQRSE6PtQqBuDEHjjmOQJ0rV/r8mO1ZCtHRhpZ5zYRjhRC9eCbjx9VrFax0JDC
                    /FfwWigmrW0Y0Q==
                </ds:X509Certificate>
            </ds:X509Data>
        </ds:KeyInfo>
    </ds:Signature>
    <saml:Subject>
        <saml:NameID NameQualifier="SunSTS">id=deepakmule,ou=user,dc=opensso,dc=java,dc=net</saml:NameID>
        <saml:SubjectConfirmation
            Method="urn:oasis:names:tc:SAML:2.0:cm:sender-vouches">
        </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2012-02-20T06:05:48Z"
        NotOnOrAfter="2012-02-20T06:10:48Z">
        <saml:AudienceRestriction>
            <saml:Audience>default</saml:Audience>
        </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2012-02-20T06:05:48Z">
        <saml:AuthnContext>
            <saml:AuthnContextClassRef>
                urn:oasis:names:tc:SAML:2.0:ac:classes:X509
            </saml:AuthnContextClassRef>
        </saml:AuthnContext>
    </saml:AuthnStatement>
</saml:Assertion>

Hi,

I did SP initiated SSO for SalesForce and OpenAM successfully.

In the SalesForce SSO settings I used Identity Provider Login URL: http://localhost:8080/opensso/SSOPOST/metaAlias/idp

This URL accepts the SAML request and creates a SAML assertion for SalesForce with the IDP default login authentication.

When I use my Custom Authentication Module URL instead of the above URL, it does the following:

  1. It redirects to the IDP with custom authentication.
  2. It does the authentication and displays the IDP home page.

It won’t show the SalesForce home page.

I checked the debug log: it's not creating a SAML assertion for SalesForce.

Is it possible to create the SAML assertion from the IDP?

Or

Does the custom auth module have to take care of creating the SAML assertion?

Hi,

I am doing integration of SalesForce and OpenSSO with SAML.

I have implemented the steps mentioned on the

http://wiki.developerforce.com/page/Single_Sign-On_with_SAML_on_Force.com site.

There are two important use cases for SAML –

  1. Identity Provider Initiated Login, where a user starts directly at their identity provider, logs in, and is then redirected to a landing page at the service provider.

     This case is working fine.

  2. Service Provider Initiated Login, where a user starts by clicking a link to the service provider (e.g. a bookmark, mailed link, etc.) and is temporarily redirected to the identity provider for authentication, then returned to the link they initially requested.

I am trying to implement the 2nd scenario. I am performing the following steps:

  1. Created my domain in SalesForce and deployed it for users.
  2. Added the Identity Provider in Single Sign-On Settings.
  3. When I access the My Domain URL, it redirects me to the Identity Provider login page.
  4. After login to the IDP it won’t redirect back to the SalesForce page. It shows the IDP success page.

How should I redirect back to the SalesForce success page?

Hi

I want to do an SSO implementation with OpenSSO with SAML. I did the setup as mentioned on the site below.

http://wiki.developerforce.com/page/Single_Sign-On_with_SAML_on_Force.com

On the above site there are 2 scenarios.

  1. Identity Provider Initiated Login
  2. Service Provider Initiated Login

The above link works for the first scenario. If I want to go for the 2nd scenario, what changes are required on the Salesforce and OpenSSO side?

My scenario is like below:

web application --- OpenAM / OpenSSO --- Salesforce

user --- login --> after authentication --------> click salesforce link ----------> salesforce creates a SAML request for OpenSSO to validate and respond back with a SAML assertion to salesforce.

To perform this I want to implement the second scenario.

Hello,

I want to do authentication from my Java client. I got the REST API which authenticates using a web application client, and it's working fine. But my requirement is a little bit different, as I need to use a normal Java client which will authenticate me directly to the Salesforce site.

Regards,

Deepak

We now have single sign on (SSO) working for Salesforce.com against our corporate AD. Hooray!

(We used this guide: http://wiki.developerforce.com/page/Single_Sign-On_with_SAML_on_Force.com)

 

However, only the IDP initiated login works currently (users must start by browsing to our OpenAM server).

 

How do we configure Salesforce.com and OpenAM to allow SP initiated login (user can login straight into Salesforce.com)?

 

Thanks, Rob.

  • January 05, 2012