I have a requirement where an external IdP posts SAML to my SF org.  The IdP uses both Recipient URL and a Relay State URL.
Recipient URL points to my SF org login page, where as Relay State URL points to a deeplink within the org, which is a VF page.
The SAML assert from IdP also has some additional SAML attributes with some data like User's address etc.

I configured  SF as service provider and getting successful SSO into my SF org directly upto the VF page defined by the relay state URL.
This means, when the user clicks a link in IdP page, due to this SSO, user directly lands in the deeplinked VF page in my org. 

Now the issue is how to read the SAML attributes from this VF page? Idea is to get/read the SAML attributes though a controller and display that data on the page for the user.  For example, I need to read the 'address' SAML attribute to get its value.  I could n't find any SF documentation about how to do this, but I am sure many others must have implemented similar requirement already.

Any help is greatly appreciated.

Site.com pages can be added to communities using a web tab. In the community this will be displayed under one of salesforce tabs along with top salesforce header, global search box etc.

Is it possible to display the site.com page in full frame of browser without any of the default community tab bar and above area?  Any answer to this question and details about how to achieve it will be highly appreciated.

I am planning to use site.com pages for community. In that case, I need to use javascript in the page to call web services defined in apex classes. 

I know from VF community pages, I can set the apex class as controller, and then make a javascript call from VF page to the web service. But in site.com community page, obviously there is no way to define controller. So, how to call the web service from site.com pages?

Any clarifications in this regard are highly appreciated.

I am trying to find solution to this scenario:  

User submits a web-to-case from a website.
A before insert trigger on Case object tries to do some validation on Trigger.New and in certain conditions  has to prevent this case to be created.  
I tried using addError() in trigger, but it works only when a CRM user is trying to create Case from within salesforce.  It does not stop web-to-case scenario.

I must use a trigger, not simple validation rules as the validation involves many other objects.

I highly appreciate if anyone suggests a solution to this problem.

- regards,
- Venkat Penukonda.

Site.com pages can be added to communities using a web tab. In the community this will be displayed under one of salesforce tabs along with top salesforce header, global search box etc.

Is it possible to display the site.com page in full frame of browser without any of the default community tab bar and above area?  Any answer to this question and details about how to achieve it will be highly appreciated.

I am planning to use site.com pages for community. In that case, I need to use javascript in the page to call web services defined in apex classes. 

I know from VF community pages, I can set the apex class as controller, and then make a javascript call from VF page to the web service. But in site.com community page, obviously there is no way to define controller. So, how to call the web service from site.com pages?

Any clarifications in this regard are highly appreciated.

I have a requirement where an external IdP posts SAML to my SF org.  The IdP uses both Recipient URL and a Relay State URL.
Recipient URL points to my SF org login page, where as Relay State URL points to a deeplink within the org, which is a VF page.
The SAML assert from IdP also has some additional SAML attributes with some data like User's address etc.

I configured  SF as service provider and getting successful SSO into my SF org directly upto the VF page defined by the relay state URL.
This means, when the user clicks a link in IdP page, due to this SSO, user directly lands in the deeplinked VF page in my org. 

Now the issue is how to read the SAML attributes from this VF page? Idea is to get/read the SAML attributes though a controller and display that data on the page for the user.  For example, I need to read the 'address' SAML attribute to get its value.  I could n't find any SF documentation about how to do this, but I am sure many others must have implemented similar requirement already.

Any help is greatly appreciated.

Site.com pages can be added to communities using a web tab. In the community this will be displayed under one of salesforce tabs along with top salesforce header, global search box etc.

Is it possible to display the site.com page in full frame of browser without any of the default community tab bar and above area?  Any answer to this question and details about how to achieve it will be highly appreciated.

I am trying to find solution to this scenario:  

User submits a web-to-case from a website.
A before insert trigger on Case object tries to do some validation on Trigger.New and in certain conditions  has to prevent this case to be created.  
I tried using addError() in trigger, but it works only when a CRM user is trying to create Case from within salesforce.  It does not stop web-to-case scenario.

I must use a trigger, not simple validation rules as the validation involves many other objects.

I highly appreciate if anyone suggests a solution to this problem.

- regards,
- Venkat Penukonda.

Hello All

 

I was looking for some help with regards to configuring additional attributes that can be passed in a SAML response.

 

I have a working solution with SalesForce acting as IdP however i would like to change the SAML assertion to include additional attributes

 

Currently, the default attributes included in the SAML response are userId, username, email, is_portal_user

 

<saml:AttributeStatement>
<saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" Name="userId">
<saml:AttributeValue xsi:type="xs:anyType" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema">xxxx</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" Name="username">
<saml:AttributeValue xsi:type="xs:anyType" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema">xxxx</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" Name="email">
<saml:AttributeValue xsi:type="xs:anyType" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema">xxxx</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" Name="is_portal_user">
<saml:AttributeValue xsi:type="xs:anyType" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xs="http://www.w3.org/2001/XMLSchema">false</saml:AttributeValue>
</saml:Attribute>
</saml:AttributeStatement>

 

How do i include additional attributes in this response?

 

Thanks

 

Shiva

Hello.

I'm trying to use SalesForce as SAML identity provider. Is it possible to sent say ProfileId in assertion so that I will be able to link roles I have in my application with roles defined in salesforce?