How can visualforce pages and their respective controllers be hosted on SFDC but have my own domain name and URL extension being used when directing users to them?
I am building pages in VisualForce with Apex controller extensions in the background and would like to know how to direct my users to them whilst still prepended the filename with my own URL and not na9.salesforce......
Would these pages have to be hosted on Sites.com Or can I host them as pages in my developer.force.com account? I think the first because if they were to be hosted within SFDC then a login would be required to view the pages?
I am so confused that things are not going well. I know that SFDC want everything to be integrated but i think that users should just be happy with a single solution that does not have modules thrown all over the place where you need bespoke training to use effectively.
Salesforce.com's Sites is the technology that you are going to need to use if you want to provide your own domain (URL). Essentially, with that technology you can setup a guest account for anonymous user access. So everything still runs under the context of a user it would just be this generic guest account.
This article explains the details of mapping your Domain to the Salesforce.com Site domain.
http://wiki.developerforce.com/page/Force.com_Sites_Best_Practices
Related
I have a website (hypothetical) but it doesn't have any authentication. Just people can view it without registering and they can't see any login screen(There is no any Sign-Up, Sign In). But the site has a feature to add posts. That feature can be only used by the Admin. There is a special page designed for him to add posts. But Others should not be able to access that page. How to set up something like that? Without a login? Is it possible?
You could host the admin site with another port, so it is only accessible in your network. Other than that i think you'd need a login system.
I have a project where subdomains are created for each of my users. So, if my project is example.com, a customer of mine might have steve.example.com.
I then added social logins with Google and Facebook. For Google's "Authorized JavaScript origins" and "Authorized redirect URIs", they don't allow wildcard domains. What's the best way to handle this?
Next, it gets more complicated for users that want to load steve.example.com on their own domain via CNAME. So if example2.com's DNS is pointed to steve.example.com, it appears I need to add example2.com to my Authorized Javascript Origins. What's the best way to handle this? Can I add it via API? I can't find any documentation regarding this and I'd rather not have to manually add 1000 subdomains and domains to Google.
Do you want a user to authorize a scope "A" for site 1 and get it auto approved for site 2? Most likely not.
If you use the same client ID (put these all in the same project) that means they should just be approved once by a user. This may be a privacy violation if the sites are different and a user may not want to sign-in to one of those but into another.
To solve this, you should be creating a different client id for each of your customer.
Another good reason to create a project/client id is if for some reason there is abuse and one of the client ID is compromised then other/all customers are not effected.
If you are creating project/client ids for each project then you should add the right subdomain there during the configuration. I also recommend not having all the projects (1000s as you say) in one Google account.
We are developing an app which our customer would like to install for some of their teams. However, we have not yet listed this app on the App Marketplace and would like to install this application for our client's sub-org without needing to do so. Is there any way to have the admin grant access to our app for only this sub-org?
We checked out domain wide delegation, but it seems to be for the whole domain. The only other method seems to be using OAuth, but this would involve every person individually signing up, and not a one time action by the admin.
Thanks!
As far as I know.... no.
But you definitely could simulate that. For instance make your app completely public, but on the login page check for the IP of the logged customer and then decide if it comes from the right subdomain. If not, send the customer to a "403" page.
Or you might be able to create ONE user, using the same email for the whole organization?
Currently have an client application running on GAE that supports OpenId login to access resources on a server application (also on GAE) through OAuth. All is fine.
But, it requires that the user have an account with Google, Yahoo, or other OpenId provider. While that seems fine for personal users, how do I handle the corporate case where users want to use myname#mycompany.com as their login?
Do I build my own OpenId provider, host it, and store those names/passwords in a database?
Is there existing OpenId source that I can use, but give it my own names/passwords?
Do I skip OpenId entirely and somehow get my own custom db lookup to integrate with GAE authentication?
Something complete different?
My work is in Java, so Java solutions are preferred. And since this is more for prototyping than for production use, easier solutions are preferred :).
After doing some additional research it seems that if I want to stick with my current use of Restlet's GAEAuthenticator then I will have to rely on OpenId. There appears to be ways to rewrite the entire authentication so that it works both with Google/OpenId and a custom database (not what I want to try), and there appear to be commercial products (SadaSystems) that seem to also do it.
For now, my workaround is to ask people who want to use their own email address in our system to sign up with MyOpenId and add that email address as their persona.
We are trying to build one simple website using force.com sites.Here User logged into website and need to perform different actions by moving to different VF pages.
We are facing a Problem to maintaine Session of particular user. We need help regarding how to maintaine session for particular user.
Kindly give your help. Please provide any sample code.
Thanks.
You can't ;)
Think about it, you can store usernames/passwords in your data objects and if they allow you to login and maintain a session for that user and use it to walk around apex pages and builtin forms why would you buy a salesforce license? You could operate a 1000 employees rig with just one administrative license and a site URL. For that reason salesforce does not allow you session control, it grants you one when you buy and expense a license.
For sites, you have to purchase either Customer Portal license or volume-based High Volume Customer Portal set and then use those to "promote" a contact into a login user with the above license. Then, when that user logs into site it has its own session.
This document http://wiki.developerforce.com/index.php/Authenticating_Users_on_Force.com_Sites might be of great help.
This tutorial shows you how to authenticate users on Force.com Sites. It provides a description of Customer Portal, which is needed for the authentication, and shows you how to set up such a site and process to allow site visitors to become authenticated users.
The points on customer portal are correct, and you have to pay for these licences. If you build your own auth on Force.com Sites and salesforce.com finds out they'll be very unhappy. That said you can still do it using cookies (http://www.salesforce.com/us/developer/docs/apexcode/Content/apex_classes_sites_cookie.htm) but it's not perfect because it's client-side.
I highly recommend that you steer clear of this approach though. You're better off building your UI layer on another platform (Google App Engine or Heroku) and using web services created on the Force.com platform through that UI.