
Salesforce Driver - Driver stuck after successful login call

Hi guys,

I'm connecting an IDM with a Salesforce account.

After setting the driver configuration, with all the authentication information and the entitlement, I'm able to log in with the Salesforce platform, but after receiving a 200 OK and all the session information, the driver shim keeps verifying the server certificate and doesn't keep processing the user add.

Probably I'm missing something with the driver configuration? I attached the trace file if it helps.

Thank you,
Rodrigo

  • I have not looked at SFDC in a long time.  But I think what is happening is that you actually do 2 different connections.

    First you login:

    [07/10/19 12:47:04.779]:DrvSalesforce - DEV ST: DrvSalesforce: Preparing to POST the following XML to https://test.salesforce.com/services/Soap/u/18.0
    [07/10/19 12:47:04.779]:DrvSalesforce - DEV ST: DrvSalesforce: login to https://test.salesforce.com/services/Soap/u/18.0
    [07/10/19 12:47:04.779]:DrvSalesforce - DEV ST: DrvSalesforce: Setting up SSL connection.
    [07/10/19 12:47:04.780]:DrvSalesforce - DEV ST: DrvSalesforce: Verifying the certificate..
    [07/10/19 12:47:05.433]:DrvSalesforce - DEV ST: DrvSalesforce: POST completed with 200 OK

    Then the response tells you where to go next (I think):

    https://girbau--partial.cs12.my.salesforce.com/services/Soap/m/18.0/00DV000000897Ei
    <passwordExpired>false</passwordExpired>
    <sandbox>true</sandbox>
    https://girbau--partial.cs12.my.salesforce.com/services/Soap/u/18.0/00DV000000897Ei
    <sessionId>00DV000000897Ei!

    So I wonder if the certs used on the two hosts differ.  So I went to the URLs and looked for you.  They are two different certs (test.salesforce.com and *.cs12.my.salesforce.com), but the signing CAs are the same.

    I would consider looking to see if you have server level certs installed in your keystore.  So on the engine server, in /opt/novell/eDirectory/lib64/nds-modules/jre/lib/security/cacerts or it might be a symlink to /opt/netiq/idm/common/jre/lib/security/cacerts or nearby. 

    Compare what you have with your cacerts and the actual certs in use. Specifically the cs12.my.salesforce.com one.
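
Added example, not part of the thread and not the driver's own code: a small Python pass over the shim trace that shows, per host, how many certificate checks started and whether a POST ever completed, which is the "two connections" reading given in the reply above. The first five sample lines are the ones quoted in the reply; the last four are constructed to model the second connection, and the function names are hypothetical.

```python
import re
from urllib.parse import urlparse

# First five lines: quoted in the reply. Last four: constructed for illustration.
SAMPLE_TRACE = """\
[07/10/19 12:47:04.779]:DrvSalesforce - DEV ST: DrvSalesforce: Preparing to POST the following XML to https://test.salesforce.com/services/Soap/u/18.0
[07/10/19 12:47:04.779]:DrvSalesforce - DEV ST: DrvSalesforce: login to https://test.salesforce.com/services/Soap/u/18.0
[07/10/19 12:47:04.779]:DrvSalesforce - DEV ST: DrvSalesforce: Setting up SSL connection.
[07/10/19 12:47:04.780]:DrvSalesforce - DEV ST: DrvSalesforce: Verifying the certificate..
[07/10/19 12:47:05.433]:DrvSalesforce - DEV ST: DrvSalesforce: POST completed with 200 OK
[07/10/19 12:47:05.600]:DrvSalesforce - DEV ST: DrvSalesforce: Preparing to POST the following XML to https://girbau--partial.cs12.my.salesforce.com/services/Soap/u/18.0/00DV000000897Ei
[07/10/19 12:47:05.601]:DrvSalesforce - DEV ST: DrvSalesforce: Setting up SSL connection.
[07/10/19 12:47:05.602]:DrvSalesforce - DEV ST: DrvSalesforce: Verifying the certificate..
[07/10/19 12:47:35.700]:DrvSalesforce - DEV ST: DrvSalesforce: Verifying the certificate..
"""

STAMP = re.compile(r"^\[(\d\d/\d\d/\d\d \d\d:\d\d:\d\d\.\d{3})\]:")
POST_TO = re.compile(r"Preparing to POST the following XML to (https://\S+)")
DONE = re.compile(r"POST completed with (\d{3})")

def tls_progress(trace):
    """Per host: certificate checks started, POST statuses seen, first unfinished check."""
    hosts, current = {}, None
    for line in trace.splitlines():
        stamp = STAMP.match(line)
        if not stamp:
            continue  # continuation lines (XML bodies) carry no state
        target = POST_TO.search(line)
        if target:
            current = urlparse(target.group(1)).hostname
            hosts.setdefault(current, {"checks": 0, "statuses": [], "open_since": None})
            continue
        if current is None:
            continue
        entry = hosts[current]
        if "Verifying the certificate" in line:
            entry["checks"] += 1
            entry["open_since"] = entry["open_since"] or stamp.group(1)
        elif (done := DONE.search(line)):
            entry["statuses"].append(int(done.group(1)))
            entry["open_since"] = None  # the check was followed by a response
    return hosts

def stalled_hosts(trace):
    """Hosts whose last certificate check was never followed by a completed POST."""
    return sorted(h for h, e in tls_progress(trace).items() if e["open_since"])

if __name__ == "__main__":
    for host, entry in tls_progress(SAMPLE_TRACE).items():
        print(host, entry)
```

A host returned by `stalled_hosts` is the one whose certificate chain to compare against the engine's cacerts.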