Configuring Salesforce for Delegated Authentication
1. Contact salesforce.com to enable delegated authentication single sign-on
2. From Salesforce, browse to Setup  Develop  API to download the Delegated Authentication
WSDL (AuthenticationService.wsdl)
3. Specify single sign-on gateway URL by clicking Setup  Security Controls  Single Sign-On
Settings  Edit. Enter the URL in the Delegated Gateway URL text box.
4. Change profile to Is Single Sign-On Enabled
Configuring Cast Iron for Salesforce Delegated Authentication
5. Add the downloaded Delegated Authentication WSDL as one of the Cast Iron WSDL schema
6. Create a Webservice provider by using the following Schemas from the Delegated
Authentication WSDL
a. Receive Request with: Authenticate
b. Requires a Reply: AuthenticateResult
Some Testing Done
1. If orchestration is not available
2. If orchestration is available
3. If using login with user that is not existing in LDAP AD
4. There is a known bug (IBOX-16140: Error-Unable to enqueue to orchestration:
org.hibernate.exception.ConstraintViolationException: Could not execute JDBC batch update)
when using trigger the orchestration on Cast Iron version 4.0.1. This error was caused by the
regression while streaming optimization for the Web Service connector.
The issue has been resolved in 4.0.1.2 onwards.
5. Any Salesforce Delegated Authentication error can be monitored from below page