+ Start a Discussion
S AnandS Anand 

Open SSO identify provider & SAML - Redirects to default Customer portal, not to Customized Site

Hi,

 

We have created a site using visual force pages and assigned it to login to Customer portal.

We are able to login to this site and access all pages and all testing is done.

 

Now we are trying to setup a SSO between the Customers website and the customer portal.

 

OpenSSO has been setup already as the identity provider. SAML assertions have been created. The whole setup was done referring to  https://login.salesforce.com/help/doc/en/sso_sites.htm .

 

SAML2.0 assertion values has ORG ID, Portal ID and Site URL values.

 

We first call the openSSO login url and authentiate by proviing a username/password

Then in the same browser session, when we call the  url to redirect to customer portal, it takes us to the default portal, not the Customized site.

 

What changes, should be done to take the user to the customized customer portal visual force page.

 

thanks in advance.

 

Anand

Best Answer chosen by Admin (Salesforce Developers) 
willywuwillywu

Oh, I missed your initial assertion.  Yes, you're sending

 

<saml:Attribute Name="site_url"><saml:AttributeValue xsi:type="xs:string">http://<company>.testing.cs10.force.com/customerportal</saml:AttributeValue></saml:Attribute>

 

Where you need to send Name="siteurl" inside of openSSO.

All Answers

S AnandS Anand

More info: SAML Respones looks like this.

 

saml:AttributeStatement><saml:Attribute Name="mail"><saml:AttributeValue xsi:type="xs:string">customerportaluser1@gmail.com</saml:AttributeValue></saml:Attribute><saml:Attribute Name="logoutURL"><saml:AttributeValue xsi:type="xs:string"/></saml:Attribute><saml:Attribute Name="ssoStartPage"><saml:AttributeValue xsi:type="xs:string"/></saml:Attribute><saml:Attribute Name="startURL"><saml:AttributeValue xsi:type="xs:string">https://<company>.testing.cs10.force.com/customerportal/apex/ViewCases</saml:AttributeValue></saml:Attribute><saml:Attribute Name="organization_id"><saml:AttributeValue xsi:type="xs:string">00XXXXXXXXXXX</saml:AttributeValue></saml:Attribute><saml:Attribute Name="portal_id"><saml:AttributeValue xsi:type="xs:string">0XXXXXXXXXXXXX</saml:AttributeValue></saml:Attribute><saml:Attribute Name="site_url"><saml:AttributeValue xsi:type="xs:string">http://<company>.testing.cs10.force.com/customerportal</saml:AttributeValue></saml:Attribute></saml:AttributeStatement>

 
willywuwillywu

You're being redirected into the portal (i.e. https://na1.salesforce.com/home/home.jsp) instead of the site?  Are you sure you're passing the site URL as an Attribute called exactly "siteurl" in the assertion?

 

Or is your question the fact that you're actually logged into the site, but not the right VF page?  In that case, you can include a RelayState param along with the SAMLResponse when you post to salesforce, and we'll redirect to that page after the SAML login is complete.

willywuwillywu

Oh, I missed your initial assertion.  Yes, you're sending

 

<saml:Attribute Name="site_url"><saml:AttributeValue xsi:type="xs:string">http://<company>.testing.cs10.force.com/customerportal</saml:AttributeValue></saml:Attribute>

 

Where you need to send Name="siteurl" inside of openSSO.

This was selected as the best answer