Sign Up ›
  • CompetitiveDad
  • NEWBIE
  • 0 Points
  • Member since 2009
  • Chatter
    Feed
  • 0
    Best Answers
  • 0
    Likes Received
  • 0
    Likes Given
  • 1
    Questions
  • 2
    Replies
7 replies

Delegated Authentication Question

Hi,

I need to use delegated authentication to enable single sign on (SS0) when going between an intranet application and SFDC.

I've read the basic How To, but it does not explain how to send credentials to SDFC, nor where to send them. I've done a search on here but couldn't find anything, only a post by someone who said they had found the information in the API and then didn't actually post the answer.

The sample from the API (gotosdfc.aspx) does a post to login.jsp and has some hidden fields but I've been unable to find out in the documentation where the names of these fields are described/explained, so I don't know the full list or what some of them mean (for instance there is no field in the sample for IP address yet this is one of the pieces of information sent back for authentication).

Can someone explain them or post a link to the API reference page where they are explained?

Also, I would like to write the Authenticate web service using WCF and WS-*. Is this supported?

Essentially we have very personal and private data flying down the wire and our tech governance people are unlikely to be fully happy with only transport level security with SSL, they will almost certainly want message level as well.

So, 1. what are the fields that I need to post and where are they described and where do I post them to, and 2. is WCF/wsHttpBinding supported, and if not is there a way for me to do message level security with SFDC.

TIA,

CD
7 replies

Delegated Authentication Question

Hi,

I need to use delegated authentication to enable single sign on (SS0) when going between an intranet application and SFDC.

I've read the basic How To, but it does not explain how to send credentials to SDFC, nor where to send them. I've done a search on here but couldn't find anything, only a post by someone who said they had found the information in the API and then didn't actually post the answer.

The sample from the API (gotosdfc.aspx) does a post to login.jsp and has some hidden fields but I've been unable to find out in the documentation where the names of these fields are described/explained, so I don't know the full list or what some of them mean (for instance there is no field in the sample for IP address yet this is one of the pieces of information sent back for authentication).

Can someone explain them or post a link to the API reference page where they are explained?

Also, I would like to write the Authenticate web service using WCF and WS-*. Is this supported?

Essentially we have very personal and private data flying down the wire and our tech governance people are unlikely to be fully happy with only transport level security with SSL, they will almost certainly want message level as well.

So, 1. what are the fields that I need to post and where are they described and where do I post them to, and 2. is WCF/wsHttpBinding supported, and if not is there a way for me to do message level security with SFDC.

TIA,

CD