[英]SSO with SalesForce.com
We want to do SSO with Salesforce.com. 我们希望使用Salesforce.com进行SSO。 From their documentation, we found this option 'Delegated authentication' to suit our needs.
从他们的文档中,我们发现此选项“委托身份验证”以满足我们的需求。 Basically when given a user name and password, Salesforce.com would initiate a web service call to the original organization to get it validated.
基本上,当给定用户名和密码时,Salesforce.com将启动对原始组织的Web服务调用以使其经过验证。
We are thinking of implementing this the following way - Our users would login into our system with user id and password, we would get them authenticated. 我们正在考虑以下方式实现这一点 - 我们的用户将使用用户ID和密码登录我们的系统,我们将对其进行身份验证。 Then when they have to access Salesforce.com, we would supply the username and the cookie(that we got from the authentication) to Salesforce.com which would then pass these in the web service call to our organization and we would be able to validate the user using this cookie.
然后,当他们必须访问Salesforce.com时,我们会将用户名和cookie(我们从身份验证中获得)提供给Salesforce.com,然后Salesforce.com会在Web服务调用中将这些传递给我们的组织,我们将能够验证使用此cookie的用户。
Has anyone tried/heard of this approach ? 有没有人尝试/听说过这种方法? Are there any known limitations.
有任何已知的限制。 Any help would be appreciated.
任何帮助,将不胜感激。
This is a common approach when using delegated auth, the main issue is if your DA listener only accepts the authentication cookie, then logging into salesforce from applications other than the web site are not possible (eg mobile apps, data loader, etc). 这是使用委托身份验证时的常用方法,主要问题是如果您的DA侦听器仅接受身份验证cookie,则无法从网站以外的应用程序登录salesforce(例如移动应用程序,数据加载程序等)。 You can write your DA listener to accept either an auth cookie or a password and work that way, or you can look into the newer SAML based SSO features which many apps now support.
您可以编写DA侦听器以接受身份验证cookie或密码并以此方式工作,或者您可以查看许多应用程序现在支持的基于SAML的新功能。
One way to do it is by using the SAML2 Web Browser SSO profile which is supported by Salesforce. 一种方法是使用Salesforce支持的SAML2 Web浏览器SSO配置文件。 You need to configure the SAML2 SSO in Salesforce admin settings.
您需要在Salesforce管理设置中配置SAML2 SSO。 Here is the brief overview: https://help.salesforce.com/apex/HTViewHelpDoc?id=sso_saml.htm&language=th
以下是简要概述: https : //help.salesforce.com/apex/HTViewHelpDoc?id = sso_saml.htm&language =
The flow for an end-user looks like this: 最终用户的流程如下所示:
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.