You need to sign in to do that
Don't have an account?
alexsummers
Sforce security best practices
Good Day!
I'm relatively new with regards to implementing security to Salesforce integration apps.
My problem is how not to display the message "Display non-secure items" when accessing my apps through custom links.
I've learned that to this one has to encrypt the pages, are there best practices on this? Or suggestions on how to do this exactly?
I'm using C#.net in my apps....
I would really appreciate any suggestions
In other words if your integration URL is http://sfdc.example.com/lead?id=00Q23123123132 install an SSL cert and use https://sfdc.example.com/lead?id=00Q23123123132 instead (note the https instead of http). That will fix your problem - and be more secure for your users too.
Thanks
I've been developing various applications that call the SF API directly and now am in need of creating a custom s-control to perfom tasks from w/in saleforce.com itself. I noticed you're using URLs such as:
http://sf.somesite.com/processor?leadId=3214598745613
for the s-control. Is this the only way to perform functions from within a custom s-contol, by passing the IDs directly across? How can one guarantee that someone isn't just going to call that processor directly and cause havoc?
Thanks.
Scontrols can have the sessionid of the executing user passed in, thus ensuring you're operating on that user's behalf.