Salesforce with Shibboleth IdP
Christopher Bongaarts
cab at umn.edu
Mon Jun 11 18:14:30 BST 2012
On 6/11/2012 11:52 AM, Andrew Morgan wrote:
> On Fri, 8 Jun 2012, Peter Schober wrote:
>
>> * Andrew Morgan <morgan at orst.edu> [2012-06-07 18:42]:
>>> Login Error
>>> Your login attempt using single sign-on with an identity provider
>>> certificate has failed. Please contact your salesforce.com administrator
>>> for more information.
>>
>> If all else fails you could try just that?
>> -peter
>
> Unfortunately, my co-worker is the administrator and we are both trying to
> understand what is going wrong! :)
>
> We have tried using Salesforce's SAML assertion validator, but that
> doesn't raise any errors. I was hoping someone might have experience with
> Salesforce, or at least have a working Shibboleth-Salesforce setup that I
> could compare against.
We have encryption turned off for them via relying-party.xml:
<RelyingParty id="https://xxxx.my.salesforce.com"
provider="https://idp-test.shib.umn.edu/idp/shibboleth"
defaultSigningCredentialRef="IdPCredential">
<ProfileConfiguration xsi:type="saml:SAML2SSOProfile"
encryptAssertions="never"
encryptNameIds="never" />
</RelyingParty>
--
%% Christopher A. Bongaarts %% cab at umn.edu %%
%% OIT - Identity Management %% http://umn.edu/~cab %%
%% University of Minnesota %% +1 (612) 625-1809 %%
More information about the users
mailing list