Tag Archives: SSO

SSO demo – Liferay Portal & Salesforce SSO with PingFederate

Warm the set and cool the tinnies, it’s time to check out our latest video.

I know, our timing is bad.  The oscars are over and here we are releasing a potential blockbuster – the day after.  Speculation in the office is rife that we felt the competition was too steep (and this ain’t no Avatar), but you can be the judge of that.

This time it’s SSO using PingIdentity’s PingFederate.  We’re doing SSO to a Liferay Portal plus Salesforce CRM & Portal.  Check it out: http://www.wdcigroup.net/video/Liferay-Salesforce_SSO_demo.html.

Want more details?  Contact us for more information on how to simplify your identity management challenges.

Single Sign-On for Salesforce/Force.com

There are some good articles from developerforce that teach you how to implement your own Single Sign-On (SSO) solution in your force.com application or Salesforce instance.

Beside solutions recommended from the above website, you can also look into some of the proven technologies that offers you additional benefits. For example: Ping Identity. With Ping Identity’s solutions, you can enjoy all these features:

  • Ability to run PingConnect in the cloud or PingFederate on-premise.
  • User Account Management with User Provisioning: Activating and deactivating users in your domain with just a few clicks.
  • Proven Security Standards: Uses SAML 1.x, SAML 2.0 or WS-Federation standard.
  • Flexibility to choose your Identity Store(s): Database, Active Directory/LDAP, Google Apps or even your Salesforce instance.
  • Ability to integrate with your existing identity management and security infrastructure (Siteminder, TAM, Oracle Access Manager).
  • Rapid Implementation: It takes days to implement the solution.
  • Ready Integration Kits: You can integrate to just about anything.
  • An SDK to create custom adapters.

If you would like to know more about the Ping Identity solutions, feel free to contact us.

Forget LDAP, do you want to use Salesforce as your identity store for your SaaS SSO?

You can.

Ping Identity allows you to universally login to your SaaS applications, using Salesforce as your user identity store.

No need to install, configure, manage, maintain and backup a local Active Directory or LDAP user store if you don’t want to, just have Salesforce manage the user identities.

What does this mean?

  • You can use Salesforce as your source of user information and login credentials for your other SaaS and Internet applications.
  • Users login to the Salesforce portal, then directly access their other Internet-based applications by simply clicking a link.
  • No further authentication is required, minimizing login failures and password resets.

Our CTO (Walter Dewildt) captures the benefits well – “”With Ping Identity’s Universal Login, Salesforce becomes the hosted identity provider, reducing license, infrastructure and ongoing maintenance costs of traditional identity stores, while leveraging the Salesforce platform’s reliability and security.”

Check out the full press release here.

Want to do salesforce.com single sign on?

Single Sign on (SSO) for salesforce.com can take various forms.

The Winter 10 version supports SAML2 for salesforce.com and the Salesforce partner & customer portals. It does not support SAML2 for Salesforce Sites yet. (Sheduled for a coming release).

When setting up SSO here are some issues you should consider:

  • What is your User or Identity store? Is it an internal store such as Active Directory, Oracle access Manager or a Custom LDAP? or do you want to use a cloud based store like Salesforce, or Google to manage your user identify information?
  • Do you have more than one user identity store?
  • Do you want to auto provision (activate/create) the Salesforce users (Just in time) or do you have an existing provisioning process?
  • Do you want to allow deep linking to URLs? or always force people to login via a “home page” or “dashboard” ?
  • Is SSO for your internal users or your customers/partners.  Do you have separate data stores for each?
  • Do you want users to keep existing usernames & passwords or get a new “single” username/password?
  • Should I use salesforce.com’s Delegated Authentication model or the SAML2 SSO?

Sounds like a lot to think about.

The reality is that there are many variants and solutions to meet your specific requirements.

At WDCi we have been looking at these issues for a while and using our partnership with Ping Identity to provide solutions to  Single Sign On requirements for Salesforce.com and other systems.

Take a look at the Identity pages on our website or contact us for more information on the right solution for SSO for your company.

Partnering with Ping Identity

In order to further our capabilities in the SaaS market, we partnered with Ping Identity some months back.  It just made sense to us, implementing Identity solutions requires strong integration skills, plus we could see a gap in our market for  SSO, security and provisioning for Salesforce and Google.

Like any partnership it takes some time to learn the product, get to know the company and work with some customers interested in the solution.

We’re impressed by the comprehensive Ping Federate solution and the rapid to deploy Ping Connect.  Let us know if you want to know more, or keep an eye on our We Did area as we post some deployments.