Configuring the Membership Provider
Add the following element to the system.web » membership » providers section of the web.config file for contact authentication in Salesforce S4S Multi-Role Edition:
<add name="salesforceContact"
     type="FuseIT.Sitecore.SalesforceSecurityProvider.SalesforceMembershipProvider, FuseIT.Sitecore.SalesforceSecurityProvider"
     readOnly="false"
     connectionStringName="S4SConnString"
     applicationName="sitecore"
     minRequiredPasswordLength="1"
     minRequiredNonalphanumericCharacters="0"
     passwordStrengthRegularExpression=".*"
     requiresUniqueEmail="false"
     passwordFieldName="SitecorePassword__c"
     userNameFieldName="SitecoreUsername__c"
     isEncryptedFieldName="SitecorePasswordEncrypted__c"
     isMultiRole="true"/>
You may change the attribute values, or omit an attribute to use its default value. The table below explains every attribute of this provider definition:
Standard Provider Attributes
Attribute | Optional | Default | Salesforce field | Description |
name | no | n/a | | The provider name. In general, this can be any string value, unique within a set of membership providers. It is salesforce in our example. |
type | no | n/a | | The full name of the provider class. |
readOnly | yes | true | | Defines whether the provider works in read-only or read-write mode. |
connectionStringName | no | n/a | | The name of the connection string as set in section 6.3.1 Adding Connection String. It is S4SConnString in our example. |
applicationName | no | n/a | | A standard attribute of any provider. It defines the area of visibility of the provider data. It should be sitecore in our example. See the MSDN documentation for details. |
minRequiredPasswordLength | yes | 7 | | The minimum number of characters required for the user password. |
minRequiredNonalphanumericCharacters | yes | 1 | | The minimum number of non-alphanumeric characters required for the user password. |
requiresUniqueEmail | no | false | | Defines whether the provider requires a unique email to be set for each user. |
userNameFieldName | no | n/a | SitecoreUsername__c | Defines the field in a Salesforce contact or lead that will be used for storing the user name. The corresponding change should also be made in the s4s.config UniqueKeyProperty. See 6.3.12 - Configuring Unique Key Property (optional). |
passwordFieldName | yes | undefined | SitecorePassword__c | Defines the field in a Salesforce contact or lead that will be used for storing the password. |
isEncryptedFieldName | yes | undefined | SitecorePasswordEncrypted__c | Determines if the Salesforce password has been encrypted. |
passwordStrengthRegularExpression | yes | undefined | | Regular expression used to evaluate the password. The default value is no regular expression. |
requiresQuestionAndAnswer | yes | false | | Does the user need to answer a password question for password reset and retrieval operations? |
passwordQuestionFieldName | yes | undefined | SitecorePasswordQuestion__c | The name of the Salesforce field used to store the password question. |
passwordAnswerFieldName | yes | undefined | SitecorePasswordAnswer__c | The name of the Salesforce field used to store the password answer for the password question. |
enablePasswordReset | yes | true | | Are users allowed to reset their passwords? |
maxInvalidPasswordAttempts | yes | 5 | | The number of invalid password or password-answer attempts allowed before the membership user is locked out. |
isApprovedFieldName | yes | undefined | SitecoreIsApproved__c | The name of the Salesforce contact or lead field used to store whether the user is approved. If not supplied, all users will default to approved. |
isLockedOutFieldName | yes | undefined | SitecoreIsLockedOut__c | The name of the Salesforce contact or lead field used to store whether the user is locked out. If not supplied, all users will default to not locked out. |
lastLockoutDateFieldName | yes | undefined | SitecoreLastLockoutDate__c | The name of the Salesforce contact or lead field used to store the date that the user was last locked out. |
failedPasswordAttemptCountFieldName | yes | undefined | SitecoreFailedPasswordAttemptCount__c | The name of the Salesforce contact or lead field used to store the failed password attempt count. |
failedPasswordAttemptWindowStartFieldName | yes | undefined | SitecoreFailedPasswordAttemptWindowStart__c | The name of the Salesforce contact or lead field used to store the failed password attempt window start. |
lastLoginDateFieldName | yes | undefined | SitecoreLastLoginDate__c | The name of the Salesforce contact or lead field used to store the last successful login date. |
passwordAttemptWindow | yes | 10 | | The number of minutes in which a maximum number of invalid password or password-answer attempts are allowed before the membership user is locked out. |
isMultiRole | yes | false | | Is the Salesforce Role Provider multi-role based? E.g. this should be true if the Role Provider is SalesforceContactRoleProvider and false if it is SalesforceRoleProvider. The lead provider can only be multi-role. |
lastPasswordChangedDateFieldName | yes | | | The name of the Salesforce contact field used to store the last date the password was changed. |
Note: In order to disable the reset password option, you must specify the enablePasswordReset attribute and set its value to false in the configuration above.
Note: Leave passwordFieldName empty if the password isn’t needed (validating/logging in will not be used for represented users).
Note: To track failed password attempts and lock users out, the following attributes are required: isLockedOutFieldName, lastLockoutDateFieldName, failedPasswordAttemptWindowStartFieldName, and failedPasswordAttemptCountFieldName.
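The example element above sets the password length and non-alphanumeric minimums below the documented defaults and omits the four lockout attributes. As an added example (not FuseIT's or this page's own code), the following Python check flags those settings in a provider element and returns a tightened copy; treating the documented defaults as the baseline and the short list of match-all regexes are assumptions of this example.

```python
import xml.etree.ElementTree as ET

# Assumed baseline for this example: the provider's documented defaults.
BASELINE = {"minRequiredPasswordLength": 7, "minRequiredNonalphanumericCharacters": 1}
MATCH_ALL = {".*", "^.*$"}  # regexes that accept every password (illustrative)
# The four attributes required for lockout, mapped to the table's Salesforce fields.
LOCKOUT_FIELDS = {
    "isLockedOutFieldName": "SitecoreIsLockedOut__c",
    "lastLockoutDateFieldName": "SitecoreLastLockoutDate__c",
    "failedPasswordAttemptWindowStartFieldName": "SitecoreFailedPasswordAttemptWindowStart__c",
    "failedPasswordAttemptCountFieldName": "SitecoreFailedPasswordAttemptCount__c",
}

def audit_provider(xml_text):
    """Return a list of findings for one membership-provider <add> element."""
    el = ET.fromstring(xml_text)
    findings = []
    for attr, floor in BASELINE.items():
        value = int(el.get(attr, floor))  # omitted attribute -> documented default
        if value < floor:
            findings.append(f"{attr}={value} is below the default of {floor}")
    if el.get("passwordStrengthRegularExpression") in MATCH_ALL:
        findings.append("passwordStrengthRegularExpression accepts any password")
    missing = [a for a in LOCKOUT_FIELDS if not el.get(a)]
    if missing:
        findings.append("lockout not tracked; missing " + ", ".join(missing))
    return findings

def harden(xml_text):
    """Return the element with the baseline restored and lockout fields mapped."""
    el = ET.fromstring(xml_text)
    for attr, floor in BASELINE.items():
        el.set(attr, str(max(int(el.get(attr, floor)), floor)))
    if el.get("passwordStrengthRegularExpression") in MATCH_ALL:
        del el.attrib["passwordStrengthRegularExpression"]  # default: no regex
    for attr, field in LOCKOUT_FIELDS.items():
        if not el.get(attr):
            el.set(attr, field)
    return ET.tostring(el, encoding="unicode")

# The provider element shown on the page, used here as sample input.
PAGE_EXAMPLE = """<add name="salesforceContact"
  type="FuseIT.Sitecore.SalesforceSecurityProvider.SalesforceMembershipProvider, FuseIT.Sitecore.SalesforceSecurityProvider"
  readOnly="false" connectionStringName="S4SConnString" applicationName="sitecore"
  minRequiredPasswordLength="1" minRequiredNonalphanumericCharacters="0"
  passwordStrengthRegularExpression=".*" requiresUniqueEmail="false"
  passwordFieldName="SitecorePassword__c" userNameFieldName="SitecoreUsername__c"
  isEncryptedFieldName="SitecorePasswordEncrypted__c" isMultiRole="true"/>"""
if __name__ == "__main__":
    print(*audit_provider(PAGE_EXAMPLE), harden(PAGE_EXAMPLE), sep="\n")
```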