collective.salesforce.authplugin 1.1rc1

Using the architecture of Zope's Pluggable Authentication Service and PlonePAS, Salesforce Auth Plugin provides the infrastructure to manage site users as arbitrary objects within a Plone portal.

Code repository: http://svn.plone.org/svn/collective/PASPlugins/collective.salesforce.authplugin/ Detailed Documentation ******************

Salesforce Auth Plugin

Product home is http://plone.org/products/salesforceauthplugin. A documentation area and issue tracker are available at the linked locations.

A Google Group, called Plone Salesforce Integration exists with the sole aim of discussing and developing tools to make Plone integrate well with Salesforce.com. If you have a question, joining this group and posting to the mailing list is the likely best way to get support.

Failing that, please try using the Plone users’ mailing list or the #plone irc channel for support requests. If you are unable to get your questions answered there, or are interested in helping develop the product, see the credits below for individuals you might contact.

Overview

Using the architecture of Zope’s Pluggable Authentication Service and PlonePAS, Salesforce Auth Plugin provides the infrastructure to manage site users as arbitrary objects within a Plone portal. Features and capabilities for Plone user management via Salesforce.com include:

• Configurable SFObject type to serve as Plone user for authentication

• Configurable username and password field on an SFObject for credential checking

• Optional password encryption

• Optional caching of user data from Salesforce.com to improve performance

• Addition of new users as designated SFObject type from Plone portal into Salesforce.com

• Property retrieval and setting for Plone users as stored in Salesforce.com

Install & Dependencies

See ./docs/INSTALL.txt

Known Problems

See “Caveats” in ./docs/INSTALL.txt

Credits

The Plone & Salesforce crew in Seattle and Portland:

• Jon Baldivieso <jonb –AT– onenw –DOT– org>

• Andrew Burkhalter <andrewb –AT– onenw –DOT– org>

• Brian Gershon <briang –AT– webcollective –DOT– coop>

• David Glick <davidglick –AT– onenw –DOT– org>

• Jesse Snyder <jesses –AT– npowerseattle –DOT– org>

Salesforce.com Foundation and Enfold Systems for their gift and work on beatbox and the original proof of concept code that has become Salesforce Auth Plugin (see: http://gokubi.com/archives/onenorthwest-gets-grant-from-salesforcecom-to-integrate-with-plone)

See the HISTORY.txt file for the growing list of people who helped with particular features or bugs.

License

Distributed under the GPL.

See LICENSE.txt and LICENSE.GPL for details.

Running Tests

It is strongly recommended that you run your tests against a free developer account, rather than a real production Salesforce.com instance. … With that said, to run the tests for Salesforce Auth Plugin do the following:

Configure your Salesforce.com instance:

In order to successfully run all of the automated unit tests, some modifications need to happen within your Salesforce.com instance.

In many of the tests, authentication, user creation, and modification happen against the Salesforce.com contact and/or lead object. Specifically, the unit tests create objects and then authenticate against two custom fields: Password and UserName.

For all tests to successfully work create and configure the following fields as shown below:

Field Label Field Name Field Type

———– ———- ———-

Password Password Text(100)

User Name UserName Text(50)

Favorite Boolean FavoriteBoolean Checkbox

Favorite Float FavoriteFloat Number(13, 5)

Note: You can accept the defaults for the other field attributes.

Read:

Running Tests –> “To run tests in a unix-like environment” from SalesforceBaseConnector, which is a dependency, so you should have it :)

Do the following:

Rather than running the test suite for salesforcebaseconnector do the following:

$INSTANCE/bin/zopectl test -s collective.salesforce.authplugin

FAQ about running tests

If you have trouble running tests, consult “FAQ about running tests” from SalesforceBaseConnector.

Change history

1.1rc1 (2009-09-16)

• In the case of a SoapFaultError when trying to connect to Salesforce, catch the exception, log a warning, and return None so that PAS tries the next plugin. This makes it easier to recover after the password gets changed in Salesforce. [davisagli]

1.1b1 (2009-09-08)

• Updated query calls to use a full SOQL statement. [davisagli]

• _buildAuthenticationQuery now returns a full SOQL statement rather than the old set of 3 parameters that used to be expected by salesforcebaseconnector’s query method. [davisagli]

• Updated version spec for dependency on beatbox. [davisagli]

1.0b2

• Critical fix for security vulnerability when using collective.salesforce.authplugin with configuration constant CACHE_PASSWORDS enabled. The view stored within the SalesforceAuthPluginCache RAM Cache Manager as authenticateCredentials-username doesn’t include a hash of the user’s password thereby allowing others to log into the portal with a correct username, but incorrect password after a successful login has been accomplished with the correct credentials for the length of the cache period. Though CACHE_PASSWORDS is disabled by default, most users are likely to have enabled this option in attempt to either improve performance or save Salesforce.com API requests. Users of versions prior to 1.0b2 with CACHE_PASSWORDS enabled are encouraged to upgrade immediately! [andrewb, thanks to Quintagroup for discovery and patch]

• Stop using trademarked Salesforce.com icon. [davisagli]

• More gracefully handle Plone’s default sharing tab which searches for similarities to a given query within id, login, and fullname. The latter was leading to erroneous results and often completely exceeding the timeout period for XHR calls from the form itself. The workaround is to inspect the search parameters for fullname and if not mapped within the ‘authentication’ or ‘properties’ treat the search query as a login so the search doesn’t timeout and lose other valid results. [jessesnyder]

• User Enumeration accounts for Additional Condition Clause, which was previously supported in authentication, but various search forms would return ineligible users per the site’s configuration. [andrewb]

1.0b1

• Initial release of egg-based Salesforce Auth Plugin product with significant historical influence from various other proof of concept implementations. [Thanks to Salesforce.com Foundation, Enfold Systems, ONE/Northwest, NPower Seattle, Web Collective, The Plone/Salesforce Integration crew (http://groups.google.com/group/plonesf)]

Download