function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
DB-PriyaDB-Priya 

How to setup logouturl and ssoStartPage for sso

Could somebody guide me how to setup logouturl  and ssoStartPage for single sign on (SSO). I have implemented SSO for my orgn but want to forward to our internal page, if the user clicks logout or if the session has timed out.
I checked the .NET implementation part, but could not make it workable in Java platform. I am doing in jsp/java platform.
 
Let me knlow if you need any more details.
 
 
 
 


Message Edited by DB-Priya on 07-01-2008 10:07 AM
SuperfellSuperfell
They're just parameters you post to the login page.
DB-PriyaDB-Priya
Thanks Simon.
 
sumitasumita

Hi Simon,

 

I'll be grateful if you help me.

the thing is that, we have implemented SSO for a client. but, when session timeout happens, it does not redirect to the intranet login page, neither any session timeout popup appears(unlike in normal salesforce working).

 

Please find the assertion below:

 

 


<Response xmlns="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://login.salesforce.com/?saml=EK03Almz90RPX1sk0F3gL_UQYTUnDzlvpUFiii6CkZKlxbr67y7HYzOqcz" ID="_7eb309180a7ecca5e8aa585f28cbdfe39e6f" IssueInstant="2009-09-30T20:07:37Z" Version="2.0"> 
    <ns1:Issuer xmlns:ns1="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">abc.com</ns1:Issuer> 
    <Status> 
        <StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/> 
    </Status> 
    <ns2:Assertion xmlns:ns2="urn:oasis:names:tc:SAML:2.0:assertion" ID="_3a3d0167a97b60515d1e34a2d412ff271ac6" IssueInstant="2009-09-30T20:07:37Z" Version="2.0"> 
        <ns2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">abc.com</ns2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> 
<ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> 
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/> 
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/> 
<ds:Reference URI="#_3a3d0167a97b60515d1e34a2d412ff271ac6" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> 
<ds:Transforms xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> 
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/> 
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/> 
</ds:Transforms> 
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/> 
<ds:DigestValue xmlns:ds="http://www.w3.org/2000/09/xmldsig#">ex7zmBjvM0wMmImMJOIqFILJBlU=</ds:DigestValue> 
</ds:Reference> 
</ds:SignedInfo> 
<ds:SignatureValue xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> 
PX7j4coCVBymjz+tG/Xy+0IvgDYNU5/rfoOWFZecf3eKF5oXKUm1YBK/2uuHZ1nDb5AWb8zgLaF/ 
NpjLkJ5lfJmN+M2cyd0fgm4XGd2Eu+P/7mmG9+HYGrik/SCKWibQab8x3ZDCt5znDbQyakVTeE4o 
AtzxcHW/blGJ0mtqmyU= 
</ds:SignatureValue> 
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> 
<ds:X509Data xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> 
<ds:X509Certificate xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> 
MIIERzCCAy+gAwIBAgILAQAAAAABIX6aGX4wDQYJKoZIhvcNAQEFBQAwUDEXMBUGA1UEChMOQ3li 
ZXJ0cnVzdCBJbmMxNTAzBgNVBAMTLEN5YmVydHJ1c3QgU3VyZVNlcnZlciBTdGFuZGFyZCBWYWxp 
ZGF0aW9uIENBMB4XDTA5MDUyNjE5MzAyM1oXDTEyMDUyNjE5MzAyM1owgfExFzAVBgNVBAMTDlNB 
UyBGZWRlcmF0aW9uMRwwGgYDVQQEExNJZGVudGl0eSBGZWRlcmF0aW9uMSAwHgYDVQQqExdTQVMg 
RmVkZXJhdGlvbiBQcm92aWRlcjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkFaMRAwDgYDVQQHEwdQ 
aG9lbml4MRkwFwYDVQQKExBBbWVyaWNhbiBFeHByZXNzMSAwHgYDVQQLExdJbnRlci9JbnRyYW5l 
dCBTZWN1cml0eTEtMCsGCSqGSIb3DQEJARYedGVjaG5pY2FsLnNzby5zdXBwb3J0QGFleHAuY29t 
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDig+SHwHzMj5bXwX/Zm3KXs0v0dnIrJhtr2PJS 
pYh2/gvvDIVRh4wInE2RaTM5bDNc4wg1WxuCa4BKpqtfGvzZpPpLl3GXRA+8QjxWqBbsHXpE/zD6 
rC5BJbY5rkkgS7+KL+Lw8M4gJFzVBlHemusBKW+zO5Fs+viZnuFsDQIJowIDAQABo4IBAjCB/zAf 
BgNVHSMEGDAWgBTNOpafrm4PQFwcSPhLLbhxAeuJ2jA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8v 
Y3JsLm9tbmlyb290LmNvbS9TdXJlU2VydmVyRzIuY3JsMB0GA1UdDgQWBBSsICr0lE734pSba+oE 
iK9xYYgvujAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcD 
AjBPBgNVHSAESDBGMEQGCSsGAQQBsT4BMjA3MDUGCCsGAQUFBwIBFilodHRwOi8vY3liZXJ0cnVz 
dC5vbW5pcm9vdC5jb20vcmVwb3NpdG9yeTANBgkqhkiG9w0BAQUFAAOCAQEAbHHbrP1SM8TVosWi 
cOuihB1BzJexdfbFGJPoSWhpz3nRcVm+G/q3tUOuTZfRVDTUVlu2MT0PU8YDk4KSI29GMQwXuEhD 
p5KKA5f2sgBrYJHS1bx0n42SVRpN6bbascFkpe4I8bGkatRk6j+GBleFozFCNiZeex64meBNX68R 
vy+JtCTQVVxcZHj/I+aGw+ZknAeI0UL7J96xuE0IY6dcIK+36bWdE17Vsnxgwi39VijAbRBb41Zn 
Kvs5lSf94qWEE2ikIOKD4ZHTSFWpcnbYaoiDDSFZJZpTD0RsijQu4pcnVYsoQGDNIEO/6EFhFSQH 
RTW0sOo2ZbxeBpommEEDpg== 
</ds:X509Certificate> 
</ds:X509Data> 
</ds:KeyInfo> 
</ds:Signature> 
        <ns2:Subject> 
            <ns2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">C1466791</ns2:NameID> 
            <ns2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"> 
                <ns2:SubjectConfirmationData NotOnOrAfter="2009-09-30T20:09:07Z" Recipient="https://login.salesforce.com/?saml=EK03Almz90RPX1sk0F3gL_UQYTUnDzlvpUFiii6CkZKlxbr67y7HYzOqcz"/> 
            </ns2:SubjectConfirmation> 
        </ns2:Subject> 
        <ns2:Conditions NotBefore="2009-09-30T20:07:07Z" NotOnOrAfter="2009-09-30T20:09:07Z"> 
            <ns2:AudienceRestriction> 
                <ns2:Audience>salesforcetravel</ns2:Audience> 
            </ns2:AudienceRestriction> 
            <ns2:AudienceRestriction> 
                <ns2:Audience>https://saml.salesforce.com</ns2:Audience> 
            </ns2:AudienceRestriction> 
        </ns2:Conditions> 
        <ns2:AuthnStatement AuthnInstant="2009-09-30T20:07:36Z" SessionIndex="Q+pzvs+8Rr7Z6tlt8IIpmRVDFdY=zIabKw==" SessionNotOnOrAfter="2009-09-30T20:09:07Z"> 
            <ns2:AuthnContext> 
                <ns2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</ns2:AuthnContextClassRef> 
            </ns2:AuthnContext> 
        </ns2:AuthnStatement> 
        <ns2:AttributeStatement> 
            <ns2:Attribute Name="employeeid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"> 
                <ns2:AttributeValue>C1466791</ns2:AttributeValue> 
            </ns2:Attribute> 
            <ns2:Attribute Name="ssoStartPage" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"> 
                <ns2:AttributeValue>http://www.defweb.com/travelforcelogin</ns2:AttributeValue> 
            </ns2:Attribute> 
            <ns2:Attribute Name="logoutURL" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"> 
                <ns2:AttributeValue>https://central101.intra.abc.com/portal/site/defweb/menuitem.daa2dd4f4649fd301aae0ff54c2bda49/&amp;level=1?epi-content=CMU&amp;cmu_page=10002295&amp;format=leftmidwithoutcolor&amp;leftnav=false</ns2:AttributeValue> 
            </ns2:Attribute> 
        </ns2:AttributeStatement> 
    </ns2:Assertion> 
</Response> 
 
Could you please help me so that salesforce redirects to the intranet login page.
Waiting in anticipation,
 
 
Thanks,
 
Sumit