Re: [keycloak-user] IDP SAMLV2.0 with Salesforce

Hi Bill, I don¹t know why I missed that, thanks! Salesforce respons know with the correct login page. After logging in in Salesforce, I¹m redirected to keycloak again with a internal error: Caused by: org.keycloak.broker.provider.IdentityBrokerException: Could not process response from SAML identity provider. at org.keycloak.broker.saml.SAMLEndpoint$Binding.handleLoginResponse(SAMLEndpo int.java:299) at org.keycloak.broker.saml.SAMLEndpoint$Binding.handleSamlResponse(SAMLEndpoi nt.java:343) at org.keycloak.broker.saml.SAMLEndpoint$Binding.execute(SAMLEndpoint.java:169 ) at org.keycloak.broker.saml.SAMLEndpoint.postBinding(SAMLEndpoint.java:117) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) [rt.jar:1.8.0_45] at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:6 2) [rt.jar:1.8.0_45] at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImp l.java:43) [rt.jar:1.8.0_45] at java.lang.reflect.Method.invoke(Method.java:497) [rt.jar:1.8.0_45] at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:1 37) [resteasy-jaxrs-3.0.10.Final.jar:] at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethod Invoker.java:296) [resteasy-jaxrs-3.0.10.Final.jar:] at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker. java:250) [resteasy-jaxrs-3.0.10.Final.jar:] at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(Resourc eLocatorInvoker.java:140) [resteasy-jaxrs-3.0.10.Final.jar:] at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoke r.java:109) [resteasy-jaxrs-3.0.10.Final.jar:] at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(Resourc eLocatorInvoker.java:135) [resteasy-jaxrs-3.0.10.Final.jar:] at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoke r.java:103) [resteasy-jaxrs-3.0.10.Final.jar:] at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher. java:356) [resteasy-jaxrs-3.0.10.Final.jar:] ... 39 more Caused by: org.keycloak.broker.provider.IdentityBrokerException: No assertion from response. at org.keycloak.broker.saml.SAMLEndpoint$Binding.getAssertion(SAMLEndpoint.jav a:309) at org.keycloak.broker.saml.SAMLEndpoint$Binding.handleLoginResponse(SAMLEndpo int.java:264) ... 54 more Any idea? Henk On 30/04/15 14:31, "Bill Burke" <bburke(a)redhat.com&gt; wrote: > You want to chain keycloak server to Salesforce? > > If you create a SAMLv2 IdentityProvider in keycloak that points to > Salesforce, you;ll see after you create it, an Export button. Click > that. That will create an entity descriptor with all the information > you need. > > On 4/30/2015 2:45 AM, Henk Laracker wrote: >> Hi, >> >> I like to use Salesforce as Identity Provider, the metadata provided by >> salesforce can be imported. >> But I need to specify the Service Provider in salesforce, I have to fill >> in a couple of fields, but two of them I don¹t understand (and are >> mandatory). Does someone have any clue >> >> 1. entity id , remark of salesforce : get this value from your >> serviceprovider >> 2. ACS URL, remark of slaesforce : The assertion consumer service. Get >> this value from your service provider. >> >> I have tried a lot of values but every-time I click the saml button on >> my app, it redirects to salesforce but I get a page with the error : >> Error: Unable to resolve request into a Service Provider >> >> Henk >> >> >> _______________________________________________ >> keycloak-user mailing list >> keycloak-user(a)lists.jboss.org >> https://lists.jboss.org/mailman/listinfo/keycloak-user >> > > -- > Bill Burke > JBoss, a division of Red Hat > http://bill.burkecentral.com > _______________________________________________ > keycloak-user mailing list > keycloak-user(a)lists.jboss.org > https://lists.jboss.org/mailman/listinfo/keycloak-user