Salesforce supports different types of authentication methods, these include Salesforce local authentication, SAML, OpenID Connect and Delegated authentication. NAM 4.0 and above can be used for Salesforce Delegated authentication.
Salesforce allows you to use any third party web application that implements the server side of the OpenID Connect protocol. This allows you to use authentication providers like NetIQ Access Manager.
There are several reasons that cause the NAM to detect URL Tampering. Most often it is a name resolution issue stemming from improper DNS or HOSTS file configuration in your environment. Still, even with proper configuration your users may, appropriately, get this message. The reason may stem from users having become accustomed to using web server host or “short names” to access the web server/app before it was protected by Access Manager. If that is the case, this article will show you when and how you can configure NAM to allow “short name” access using the Virtual Mult-homing feature.
This is a short article providing an easy, but perhaps a not so obvious way, to use Novell Access Manager (NAM) for Single Sign-On (SSO) access to the Oracle E-Business Suite (OEBS). OEBS is used as the example, but the same SSO enabling strategy used here can be applied to other web applications as well.
Using Novell Access Manager (NAM) with salesforce.com allows your users to use their existing LDAP credentials for single sign-on access to salesforce.com as well as any web applications protected by NAM.
This cool solution will show you how to add salesforce.com to your NAM implementation using a federated authentication via SAML 2.0. By using SAML 2.0, your users authenticate to NAM as they typically do using their existing LDAP credentials provided by your corporate directory. salesforce.com then authenticates users via SAML without the need to synchronize passwords with salesforce.com. Once configured, your users will have SSO access to all your web resources protected by NAM through either the Access Gateway or using federation protocols. Unfortunately, salesforce.com does not support federated provisioning, so you will still need create users in salesforce.com. If you would like to automatically provision, deprovision, and manage the salesforce.com identities, you can use Novell Identity Manager, but that is out of scope for this article.