Note: This section only applies if you are using the Security Connector.

There are two ways to implement Sitecore roles. Ony one should be chosen:

• • Multi-Role using fields in the contact (or lead) record to specify the Sitecore role(s). This is the default. One or more Sitecore roles have the same names as selections in a custom multi-pick list in the Salesforce contact (or lead).
  • Single-Role using the Salesforce Account to specify the Sitecore role. All contacts that belong to the Account will be Sitecore users in a Sitecore role with the same name as the Salesforce Account. Single-Role is not as flexible as Multi-role.

Single Role

The Sitecore role equates to the Salesforce account. In this configuration, each contact can only have one role (the associated Account). An account can be made a Sitecore role by checking the Sitecore Role checkbox in the Sitecore section of Account. Single-Role cannot be used with leads because they do not have a relationship with the Accounts object. This section covers the additional steps to set up Single Role role support for all Salesforce editions.

Salesforce Enterprise / Unlimited Edition Single-Role Download

For organizations using the Enterprise / Unlimited Edition who only want a single role associated with the account object should use this package download.

https://login.salesforce.com/packaging/installPackage.apexp?p0=04t90000000U7SV

Note: The package for the Enterprise / Unlimited Edition contains APEX classes and Triggers that cannot be installed on Salesforce Professional Edition. This will mean that the Enterprise / Unlimited Edition package has additional installation steps that are not displayed for the FuseIT Sitecore for Salesforce Standard Edition installer.

Salesforce Professional Edition Single-Role Download

For all other Salesforce Editions, use this package download (where a single role associated with the account object is required)

https://login.salesforce.com/?startURL=%2Fpackaging%2FinstallPackage.apexp%3Fp0%3D04t90000000D3Hi

Accounts Page Layout

Account Settings

To enable Contacts to log into Sitecore, their Account need to be Sitecore enabled.

Add new custom field

Navigate to an existing Account and edit the page layout > Add a new Section to the bottom of the Account details called Sitecore > Add the new custom filed called Sitecore Role.

Adding the Sitecore Role Field to the Account Page Layout

Save the modified Account page layout.

Auto-population with Single Role

If the FuseIT S4S Single Role package has been installed then checking the Sitecore Role checkbox on an Account will automatically create Sitecore usernames and passwords for each Contact belonging to that Account. The Salesforce Account will be exposed as a Role in Sitecore with the same name.

Enabling the Salesforce Account as a Sitecore Role

The default Username will be the Contacts name with whitespace and special characters removed.

• The password will be set to Passw0rd
• The Sitecore password will be encrypted.

Example default Username and Password for Jack Rogers Contact

Note: The Standard Edition package will not automatically create Sitecore Usernames and Passwords for each Contact. These will have to be manually entered.

Note: The Standard Edition package will not automatically encrypt the Contacts password when it is entered. The encryption of the password will take place on the first successful login into Sitecore by the Contact.

Example of Standard Edition Contact where Password is not yet Encrypted.

Please ensure that the Salesforce Configuration (required) steps at the beginning of this document have been completed.

Enabling the Switching Providers for Single Role

Add new providers by domains

Ensure the standard Sitecore security providers have been configured. After making these changes you need to configure the S4S security providers by adding the following elements:

•  To the sitecore » switchingProviders » membership element (the order is not important)

<provider providerName="salesforce" storeFullNames="false" wildcard="%" domains="salesforce" />

• To the sitecore » switchingProviders » roleManager element (the order is not important)

<provider providerName="salesforce" storeFullNames="false" wildcard="%" domains="salesforce" />

• To the sitecore » switchingProviders » profile element (it must come before the "sql" definition in this group)

<provider providerName="salesforce" storeFullNames="false" wildcard="%" domains="salesforce" />

Enabling the Switching Providers Example

Add the Membership, Role and Profile Entries

• Add the following element to the system.web » membership » providers section of the web.config file:

<add name="salesforce" type="FuseIT.Sitecore.SalesforceSecurityProvider.SalesforceMembershipProvider, FuseIT.Sitecore.SalesforceSecurityProvider" readOnly="false" connectionStringName="S4SConnString" applicationName="sitecore" minRequiredPasswordLength="1" minRequiredNonalphanumericCharacters="0" passwordStrengthRegularExpression=".*" requiresUniqueEmail="false" passwordFieldName="SitecorePassword__c" userNameFieldName="SitecoreUsername__c" isEncryptedFieldName="SitecorePasswordEncrypted__c"/>

• Add the following element to the system.web » roleManager » providers section of the web.config file:

<add name="salesforce" type="FuseIT.Sitecore.SalesforceSecurityProvider.SalesforceRoleProvider, FuseIT.Sitecore.SalesforceSecurityProvider" connectionStringName="S4SConnString" readOnly="false"/>

• Add the following element to the system.web » profile » providers section of the web.config file:

<add name="salesforce" type="FuseIT.Sitecore.SalesforceSecurityProvider.SalesforceProfileProvider, FuseIT.Sitecore.SalesforceSecurityProvider" connectionStringName="S4SConnString" readOnly="false"/>