Now, it is simple to use OpenSSO as an identity provider for SSO with Salesforce.com applications using the SAMLv2 protocol. Out of the box, OpenSSO supports an easy-to-use workflow feature that enables customers to integrate Salesforce.com applications with their existing authentication infrastructure.
There are multiple ways to achieve SSO with Salesforce.com. The IdP users' attributes can be sent to the Service Provider (SP) in one of the following ways:
As an attribute statement in the SAML assertion
As a NameID element in the SAML assertion subject statement
In the same manner, the service provider at Salesforce.com can use either of two options for the local attribute that is used to perform the SSO. It can be one of these:
Salesforce.com user's Federation ID attribute
Salesforce.com user's user ID
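The two delivery options above look like this on the wire. The following is an added example, not code from the book or from OpenSSO: the assertions are constructed and trimmed, the attribute name "ssoid" and the function locate_identity are hypothetical, and checking the attribute before the NameID is an assumption of this example.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample assertions (trimmed: no Issuer, Conditions or Signature).
# "ssoid" is a hypothetical attribute name; use the one configured on both sides.
ATTRIBUTE_STYLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Subject>
    <saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_a1b2c3</saml:NameID>
  </saml:Subject>
  <saml:AttributeStatement>
    <saml:Attribute Name="ssoid">
      <saml:AttributeValue>jdoe@example.com</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""

NAMEID_STYLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Subject>
    <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">jdoe@example.com</saml:NameID>
  </saml:Subject>
</saml:Assertion>"""


def locate_identity(assertion_xml, attribute_name="ssoid"):
    """Return (location, value); the named attribute is checked before the NameID."""
    # Diagnostic only: run it on assertions whose signature was already verified.
    root = ET.fromstring(assertion_xml)
    values = [
        (v.text or "").strip()
        for attr in root.findall("saml:AttributeStatement/saml:Attribute", NS)
        if attr.get("Name") == attribute_name
        for v in attr.findall("saml:AttributeValue", NS)
    ]
    values = [v for v in values if v]
    if len(values) > 1:
        # More than one candidate identity is ambiguous; refuse to pick one.
        raise ValueError(f"attribute {attribute_name!r} has {len(values)} values")
    if values:
        return ("attribute", values[0])
    name_id = root.find("saml:Subject/saml:NameID", NS)
    if name_id is not None and (name_id.text or "").strip():
        return ("nameid", name_id.text.strip())
    raise ValueError("assertion carries no usable identity")


if __name__ == "__main__":
    print(locate_identity(ATTRIBUTE_STYLE))
    print(locate_identity(NAMEID_STYLE))
```

In the attribute-statement variant the subject NameID is only a transient handle, so a service provider that reads the NameID instead of the attribute would see a value that matches no local user.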
In this chapter, let us discuss the steps for configuring the identity provider to send the attribute value as an attribute statement in the...