Configuring the Membership Provider

Add the following element to the system.web  » membership  » providers section of the web.config file for contact authentication in Salesforce S4S Multi-Role Edition:

<add name="salesforceContact" type="FuseIT.Sitecore.SalesforceSecurityProvider.SalesforceMembershipProvider, FuseIT.Sitecore.SalesforceSecurityProvider" 
readOnly="false" connectionStringName="S4SConnString" applicationName="sitecore" minRequiredPasswordLength="1" minRequiredNonalphanumericCharacters="0" 
passwordStrengthRegularExpression=".*" requiresUniqueEmail="false" passwordFieldName="SitecorePassword__c" userNameFieldName="SitecoreUsername__c" 
isEncryptedFieldName="SitecorePasswordEncrypted__c" isMultiRole="true"/>


You may change the attributes’ values or use the default values (the attributes are not specified). The table below explains every attribute of this provider definition:

Standard Provider Attributes 

Attribute

Optional

Default

Salesforce field

Description

name

no

n/a


The provider name. In general, this can be any string value, unique within a set of membership providers. It is salesforce in our example.

type

no

n/a


The full name of the provider class.

readOnly

yes

true


Defines whether the provider works in read-only or read-write mode.

connectionStringName

no

n/a


The name of the connection string as set in section 6.3.1 Adding Connection String. It is S4SConnString in our example.

applicationName

no

n/a


A standard attribute of any provider. It defines the area of visibility of the provider data. It should be sitecore in our example. See the MSDN documentation for details

minRequiredPasswordLength

yes

7


A minimum number of characters required for the user password.

minRequiredNonalphanumericCharacters

yes

1


A minimum number of non-alphanumeric characters required for the user password.

requiresUniqueEmail

no

false


Defines whether a provider requires unique emails to be set for each user.

userNameFieldName

no

n/a

SitecoreUsername__c
Text(80) (External ID)
(Unique Case Insensitive)

Defines the field in a Salesforce contact or lead that will be used for storing the user name.

The corresponding change should also be made in the s4s.config UniqueKeyProperty. See 6.3.12 - Configuring Unique Key Property (optional)

passwordFieldName

yes

undefined

SitecorePassword__c
Text(80)

Defines the field in a Salesforce contact or lead that will be used for storing the password.

isEncryptedFieldName

yes

undefined

SitecorePasswordEncrypted__c
Checkbox

Determines if the Salesforce Password has been encrypted

passwordStrengthRegularExpression

yes

undefined


Regular expression used to evaluate the password. The default value is no regular expression.

requiresQuestionAndAnswer

yes

false


Does the user need to answer a password question for password reset and retrieval operations?

passwordQuestionFieldName

yes

undefined

SitecorePasswordQuestion__c
Text Area(255)

The name of the Salesforce field used to store the Password Question.

passwordAnswerFieldName

yes

Undefined

SitecorePasswordAnswer__c
Text Area(255)

The name of the Salesforce field used to store the Password Answer for the Password Question.

enablePasswordReset

yes

True


Are users allowed to reset their passwords?

maxInvalidPasswordAttempts

yes

5


The number of invalid password or password-answer attempts allowed before the membership user is locked out.

isApprovedFieldName

yes

undefined

SitecoreIsApproved__c
Checkbox

The name of the Salesforce Contact or lead field used to store if the User is approved. If not supplied all users will default to approved.

isLockedOutFieldName


yes

undefined

SitecoreIsLockedOut__c
Checkbox

The name of the Salesforce Contact or lead field used to store if the User is locked out. If not supplied all users will default to not locked out.

lastLockoutDateFieldName

yes

undefined

SitecoreLastLockoutDate__c
Date/Time

The name of the Salesforce Contact or lead field used to store the date that the user was last locked out.

failedPasswordAttemptCountFieldName

yes

undefined

SitecoreFailedPasswordAttemptCount__c
Number(9, 0)

The name of the Salesforce Contact or lead field used to store the failed password attempt count.

failedPasswordAttemptWindowStartFieldName

yes

undefined

SitecoreFailedPasswordAttemptWindowStart__c
Date/Time

The name of the Salesforce Contact or lead field used to store the failed password attempt window start.

lastLoginDateFieldName

yes

undefined

SitecoreLastLoginDate__c
Date/Time

The name of the Salesforce Contact  or lead field used to store the Last successful login date.

passwordAttemptWindow

yes

10


The number of minutes in which a maximum number of invalid password or password-answer attempts are allowed before the membership user is locked out.

isMultiRole

yes

False


Is the Salesforce Role Provider Multi-role based? E.g. This should be true if the Role Provider is SalesforceContactRoleProvider and false if it is SalesforceRoleProvider. The lead provider can only be multi-role.

lastPasswordChangedDateFieldName

Yes



The name of the Salesforce Contact field used to store the last date the password was changed.

 

Note: In order to disable the reset password option, you must specify the enablePasswordReset attribute and set its value to false in the configuration above.

 

Note: Leave passwordFieldName empty if the password isn’t needed (validating/logging in will not be used for represented users).

 

Note: To track failed password attempts and lock users out the following attributes are required: isLockedOutFieldName, lastLockoutDateFieldName, failedPasswordAttemptWindowStartFieldName, and failedPasswordAttemptCountFieldName.

Next Step

Configuring the Role Provider

Steps