I have a requirement where I have created an community.
Contact will create an account. This will give them access to the portal where they can login to the community at any point and can fill out an applications for the programs.
No Tabs just a home screen with user’s contact info
Link on left:
My Account
My Applications
My Groups
Chatter
Once an application is approved, user will be made a member of the corresponding group.
If part of community but not part of any programs, they will have access to general chatter
Group Pages – will have separate chatter and home page.
Can anyone please help me with this?
Related
I have a React Application that uses Microsoft AD to authenticate users.
As a first step, and according to Microsoft Documentation, we need to register the application with the Microsoft identity platform.
This is inline with Microsoft Identity Platform Documentation, in this diagram we can see that for ALL types of applications (SPA, Web App, etc), we always need to configure an application in AzureAD:
This process is "cumbersome", and i'm trying to remove it by having the application installed automatically.
Several third-parties do this, such as Zapier, SpecFlow, etc.
Basically, they have a process where:
User logs in on Zapier
User is redirected to Azure AD sign-in page
User is authenticated and authorized
AzureAD shows the Consent Page
User consents
Application is installed on user's AzureAD
I've been reading and searching in Microsoft's Documentation, and i cannot find a single document that shows or even mentions this type of flow.
BUT, i know that this is possible, as there are several third parties that are doing exactly this, as Zapier, for example.
Can anyone point me in the right direction, there must exist some Microsoft document that explains how this process is done!
Apologies if this should be a comment, not an answer. I do not have enough SO reputation to write comments.
Zapier is published to the Azure Active Directory application gallery (1c76d9b0-0826-4b19-8706-29572657af1e). You can do this as well:
https://learn.microsoft.com/en-us/azure/active-directory/manage-apps/v2-howto-app-gallery-listing
If an application already exists in the gallery, it does not need to be "registered" in the user's tenant, as the registration definition is defined in the gallery.
Once an app is in the gallery, users can use it only if their tenant's administrators allow this, per the settings on this page:
Enterprise applications | User settings
https://entra.microsoft.com/#view/Microsoft_AAD_IAM/StartboardApplicationsMenuBlade/~/UserSettings
From the user's end, there are other governance controls that may impact the user's ability to use your app, but I think "register your app in the gallery" is probably what you're asking for.
I was going through the mongodb docs for Role Based Authentication Control. I have understood how it works, but I have a few questions.
How is it applied in real life scenarios? For example let's say I am running a blogging web app. How would I use Role Based Authentication Control to improve my app management?
Admin user is a super user, who can do any operation on any blogger accounts, their content. But, bloggers are limited only their content, their account
Admin user:
A admin user will be able to see all the blog posts, even under draft stage.
Admin user can hide or unhide any blogpost.
Admin user will be able to delete or disable any account.
Admin user will be able to take backup of any account blogposts.
Blogger:
A blogger will be able to see only his/her blog posts.
Blogger will be able to hide or unhide only his/her blogposts.
Blogger will be able to delete or disable only his/her account.
Blogger will be able to take backup of only his/her account blogposts.
We use SFDC Customer Portal for allowing our customers access to portal features such as product documentation and case management. One of our business requirements is to require customers to accept an agreement before they can choose a password and gain access to the portal.
Is this scenario possible with configuration of the customer portal or is this something that will require us to code custom visual force pages? Appreciate any pointers in this regard.
Thanks
-Subhash
There is no configuration setting in Customer Portal that lets you do this natively. However you can easily implement this using a Visualforce page. Customize the landing page (login page) so that the login options are only shown when the user accepts the User Agreement using javascript or visualforce ajax.
Anup
We are trying to build one simple website using force.com sites.Here User logged into website and need to perform different actions by moving to different VF pages.
We are facing a Problem to maintaine Session of particular user. We need help regarding how to maintaine session for particular user.
Kindly give your help. Please provide any sample code.
Thanks.
You can't ;)
Think about it, you can store usernames/passwords in your data objects and if they allow you to login and maintain a session for that user and use it to walk around apex pages and builtin forms why would you buy a salesforce license? You could operate a 1000 employees rig with just one administrative license and a site URL. For that reason salesforce does not allow you session control, it grants you one when you buy and expense a license.
For sites, you have to purchase either Customer Portal license or volume-based High Volume Customer Portal set and then use those to "promote" a contact into a login user with the above license. Then, when that user logs into site it has its own session.
This document http://wiki.developerforce.com/index.php/Authenticating_Users_on_Force.com_Sites might be of great help.
This tutorial shows you how to authenticate users on Force.com Sites. It provides a description of Customer Portal, which is needed for the authentication, and shows you how to set up such a site and process to allow site visitors to become authenticated users.
The points on customer portal are correct, and you have to pay for these licences. If you build your own auth on Force.com Sites and salesforce.com finds out they'll be very unhappy. That said you can still do it using cookies (http://www.salesforce.com/us/developer/docs/apexcode/Content/apex_classes_sites_cookie.htm) but it's not perfect because it's client-side.
I highly recommend that you steer clear of this approach though. You're better off building your UI layer on another platform (Google App Engine or Heroku) and using web services created on the Force.com platform through that UI.
We have installed SharePoint Server 2010 and Project Server 2010 without AD. We're a disconnected bunch and thought we'd take it for a spin since being part of BizSpark. But now I'm seeing an issue with editing user account info like email address. Can anyone give me some hints on how life might be like without AD or how to supplement what we might be missing by running the system without AD. Many posts note it is supported but little has notes on what you might be missing.
Thanks in advance.
What you need is to check out the User Profile Service Application area.
Go to SharePoint Central Administration
Go to Manage Service Applications
Select User Profile Service Application
This area is the home of the accounts that are in SharePoint, as well as all the information about the users and how it is displayed on their "My Site"/profile page areas.
If you select Manage User Profiles, this is the area where you can override information from Active Directory about users that are in sharepoint. If you connect to AD, you'll see a little database icon next to the fields that indicates it is synchronized. Even if you use AD, these field can be individually overriden with new information. If you don't have AD, then these will all need to be populated manually by you.
If you go to Manage User Properties you will find all the options to show which fields are editable and which fields are not on a user's profile. This includes, but is not limited to:
Email
Display Name
Homepage/Url
Department
Manager
If you have AD, you'll rarely visit this service admin page, because everything will just work. If you don't, then you'll need to check out this area to change the information about the people that are using your SharePoint instance.
Hope that helps!