Apex Code Development You need to sign in to do that
Don't have an account?
Mattias Single Sign-On Gateway URL error using SSL
Hi,
We have developed a Single Sign-On Gateway URL web service using java axis, with stubs generated from the wsdl you provide on Salesforce. I have no problems running this using HTTP. When I turn on HTTPS, it says that the authentication service is down. I use a trusted real cert from thawte.
Single Sign-On Gateway URL's set for my demo company:
HTTP: http://www.nordicedge.se:82/salesforce/services/AuthenticationService
HTTPS: https://www.nordicedge.se:9443/salesforce/services/AuthenticationService
Both URL's use the same webservice and are accesible from the Internet. Any idéas? Do I need to change something in the webservice itself to support HTTPS? I earlier used a self-signed cert, could that be cached somehow on Salesforce? Is it the port numbers?
Regards Mattias
We have developed a Single Sign-On Gateway URL web service using java axis, with stubs generated from the wsdl you provide on Salesforce. I have no problems running this using HTTP. When I turn on HTTPS, it says that the authentication service is down. I use a trusted real cert from thawte.
Single Sign-On Gateway URL's set for my demo company:
HTTP: http://www.nordicedge.se:82/salesforce/services/AuthenticationService
HTTPS: https://www.nordicedge.se:9443/salesforce/services/AuthenticationService
Both URL's use the same webservice and are accesible from the Internet. Any idéas? Do I need to change something in the webservice itself to support HTTPS? I earlier used a self-signed cert, could that be cached somehow on Salesforce? Is it the port numbers?
Regards Mattias
The error is: (403)Forbidden
But I have no problem just accessing this webservice with a normal browser.
Regards Mattias
put this xml in a file (call it sso.xml)
<soap:Envelope xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' xmlns:xsd='http://www.w3.org/2001/XMLSchema' xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'>
<soap:Body>
<Authenticate xmlns='urn:authentication.soap.sforce.com'>
<username>string</username>
<password>string</password>
<sourceIp>127.0.0.1</sourceIp>
</Authenticate>
</soap:Body>
</soap:Envelope>
then do
curl -d @sso.xml -h SOAPAction: " " -h Content-Type:text/xml https://www.nordicedge.se:9443/salesforce/services/AuthenticationService
Thanks for the answer.
I created the sso.xml file and ran:
curl -d @/data/doc/customers/Salesforce/sso.xml -H "SOAPAction:Authenticate " -H "Content-Type:text/xml" https://www.nordicedge.se:9443/salesforce/services/AuthenticationService
And the response was:
<?xml version="1.0" encoding="UTF-8"?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><soapenv:Body><AuthenticateResult xmlns="urn:authentication.soap.sforce.com"><Authenticated>true</Authenticated></AuthenticateResult></soapenv:Body></soapenv:Envelope>mandersson@mandersson:~>
Which indicates that everything was ok. Can you run the curl line above and see if you get the same result?
My sso.xml is:
<soap:Envelope xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' xmlns:xsd='http://www.w3.org/2001/XMLSchema' xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'>
<soap:Body>
<Authenticate xmlns='urn:authentication.soap.sforce.com'>
<username>testuser1@wtr918.com</username>
<password>debug:1234</password>
<sourceIp>127.0.0.1</sourceIp>
</Authenticate>
</soap:Body>
</soap:Envelope>
Also, no ip restrictions that I'm aware of...
Regards Mattias
Thanks for your answer. I figured it might have to do with the ports, but I actually use port 82 for HTTP and that works just fine. I will try with 443 as soon as I get the cert for the real dns name. Just using test URL's right now.
Could try using 82 as SSL port just to see if 82 but 9443 does not work.... I'll be back....
Regards Mattias
I have several resources (software downloads, white papers, etc) on my website that have
restricted access. I'd like to leverage Salesforce.com as the main respository for access levels and user management.
For example, if a partner wants to download marketing material they would have to provide a valid username and password in order to gain access to the resource.
My plan is to have the username and password passed to Salesforce.com to authenticate the user. If the user is authenicated successfully then its credentials are passed on to the external web site to enable access to other resources (e.g. software downloads, etc).
Thanks,
Keith