You need to sign in to do that
Don't have an account?
OpenStreetMap
SSO Failed -Unable to map the subject to a Salesforce.com user
Hi All,
Kindly find the below mentioned SAML which I am using but single sign on is not working . Kindly help .
<samlp:Response Version="2.0"
ID="atsgDlVF49Jc1GuqKjymWtqF5V9"
IssueInstant="2014-07-01T08:43:18.230Z"
Destination="https://myphilips--B2CRnD.cs17.my.salesforce.com/"
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
>
<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://login.tst.sso.philips.com</saml:Issuer>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
<ds:Reference URI="#atsgDlVF49Jc1GuqKjymWtqF5V9">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
<ds:DigestValue>1itIE21Ig6Q0RnsaWBBdYfRbBc/n35jYZHhEmZDDdgc=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
hUbrbfYjCpH8ZnTEIPGQB1yCvuSsDOJoPiiebTm0oTRab3fMxMCx90VpX272Xnrk2Iy6P9BYLA3Y
pOBNiql/eBGgXzYtUjKpZ/uaxoWzQtZ1x4/PAKbOCLISi75kTK0ODvvvfKV7EbgS9SAz9koXjx3B
goDr7wxRD2MuQs4xL9C8Grk2t4hKEZWD0FDR3RZp10uWEuu28bO1lNlIks0fYWEQb1kmP8xKUNJY
1Ach4MzuK6ntv7vvlz1eDxOiCQeQcxWVix+Db3faB5UyLZeKx/Lez3oUMrFVIYE0MmUbFn52GTyH
//2p1MbhCFubjbnigWY9aTxW66+Nbro4FOnIqQ==
</ds:SignatureValue>
</ds:Signature>
<samlp:Status>
<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />
</samlp:Status>
<saml:Assertion ID="hWg5-LKaznAbTRBsFw_LZVsZwBm"
IssueInstant="2014-07-01T08:43:18.298Z"
Version="2.0"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
>
<saml:Issuer>https://login.tst.sso.philips.com</saml:Issuer>
<saml:Subject>
<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">310132244</saml:NameID>
<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
<saml:SubjectConfirmationData Recipient="https://myphilips--B2CRnD.cs17.my.salesforce.com/"
NotOnOrAfter="2014-07-01T08:48:18.298Z"
/>
</saml:SubjectConfirmation>
</saml:Subject>
<saml:Conditions NotBefore="2014-07-01T08:38:18.298Z"
NotOnOrAfter="2014-07-01T08:48:18.298Z"
>
<saml:AudienceRestriction>
<saml:Audience>myphilips--B2CRnD.cs17.my.salesforce.com</saml:Audience>
</saml:AudienceRestriction>
</saml:Conditions>
<saml:AuthnStatement SessionIndex="hWg5-LKaznAbTRBsFw_LZVsZwBm"
AuthnInstant="2014-07-01T08:43:18.298Z"
>
<saml:AuthnContext>
<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:SoftwarePKI</saml:AuthnContextClassRef>
</saml:AuthnContext>
</saml:AuthnStatement>
</saml:Assertion>
</samlp:Response>
Regards,
Neha
Kindly find the below mentioned SAML which I am using but single sign on is not working . Kindly help .
<samlp:Response Version="2.0"
ID="atsgDlVF49Jc1GuqKjymWtqF5V9"
IssueInstant="2014-07-01T08:43:18.230Z"
Destination="https://myphilips--B2CRnD.cs17.my.salesforce.com/"
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
>
<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://login.tst.sso.philips.com</saml:Issuer>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
<ds:Reference URI="#atsgDlVF49Jc1GuqKjymWtqF5V9">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />
<ds:DigestValue>1itIE21Ig6Q0RnsaWBBdYfRbBc/n35jYZHhEmZDDdgc=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
hUbrbfYjCpH8ZnTEIPGQB1yCvuSsDOJoPiiebTm0oTRab3fMxMCx90VpX272Xnrk2Iy6P9BYLA3Y
pOBNiql/eBGgXzYtUjKpZ/uaxoWzQtZ1x4/PAKbOCLISi75kTK0ODvvvfKV7EbgS9SAz9koXjx3B
goDr7wxRD2MuQs4xL9C8Grk2t4hKEZWD0FDR3RZp10uWEuu28bO1lNlIks0fYWEQb1kmP8xKUNJY
1Ach4MzuK6ntv7vvlz1eDxOiCQeQcxWVix+Db3faB5UyLZeKx/Lez3oUMrFVIYE0MmUbFn52GTyH
//2p1MbhCFubjbnigWY9aTxW66+Nbro4FOnIqQ==
</ds:SignatureValue>
</ds:Signature>
<samlp:Status>
<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />
</samlp:Status>
<saml:Assertion ID="hWg5-LKaznAbTRBsFw_LZVsZwBm"
IssueInstant="2014-07-01T08:43:18.298Z"
Version="2.0"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
>
<saml:Issuer>https://login.tst.sso.philips.com</saml:Issuer>
<saml:Subject>
<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">310132244</saml:NameID>
<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
<saml:SubjectConfirmationData Recipient="https://myphilips--B2CRnD.cs17.my.salesforce.com/"
NotOnOrAfter="2014-07-01T08:48:18.298Z"
/>
</saml:SubjectConfirmation>
</saml:Subject>
<saml:Conditions NotBefore="2014-07-01T08:38:18.298Z"
NotOnOrAfter="2014-07-01T08:48:18.298Z"
>
<saml:AudienceRestriction>
<saml:Audience>myphilips--B2CRnD.cs17.my.salesforce.com</saml:Audience>
</saml:AudienceRestriction>
</saml:Conditions>
<saml:AuthnStatement SessionIndex="hWg5-LKaznAbTRBsFw_LZVsZwBm"
AuthnInstant="2014-07-01T08:43:18.298Z"
>
<saml:AuthnContext>
<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:SoftwarePKI</saml:AuthnContextClassRef>
</saml:AuthnContext>
</saml:AuthnStatement>
</saml:Assertion>
</samlp:Response>
Regards,
Neha