I have a general question for any security minded experts out there. Currently have a requirement to securely manage the exchange of a "secret" between a client application (generally exists in SFDC) and a known, trusted webservice. I'd like to validate that the subscriber (client) is valid using some method of secure authorization, then respond with an encrypted secret.

The secret will be used to unlock a document (in simple terms).

Looking for past experiences / best practices for doing this. I don't want to be dependent on subscriber orgId and session callback proxy to validate that the caller is valid if at all possible.

Example flow:
 
Client App (wants a secret to unlock a file) --> 
Calls a trusted web service (https) --> 
Needs to send the web service some kind of authorization package to get the secret -->
-->Authority receives something
 
# Is this a MAC? SHA256/512?
# Should this be a piece of encrypted data specific to the client (like a clientId which the Authority would know already??) using something like AES256 algorithm with a managed initialization vector and cipher block chaining??
# Should this be a unique digital signature (RSA/RSA-SHA1) for the clientId already known by the Authority that could be verified by using a shared private key?
 
-- Authority does something to validate that the Client application is authorized to receive the secret
<-- Authority sends the secret as an encrypted digest that the client "salt" can decrypt??
--> Client receives encrypted package, decrypts somehow (using managed IV with salt as private key?) and uses the "secret" to unlock the document.

Here's the code for the class:

@isTest
private class JSLeadAssignmentTestClass {

    static testMethod void triggertest() {
        //Create new lead record
        Lead l = new Lead(firstname='test' , lastname='apex' , company='Oracle', LeadSource='Jigsaw');
        insert l;
    }   

When using the Apex Test Runner in Eclipse, I receive the error:

EXCEPTION_THROWN|[10,9]|System.DmlException: Insert failed. First exception on row 0; first error: REQUIRED_FIELD_MISSING, Required fields are missing: [Company]: [Company]

Any help would be greatly appreciated

Hi all,

My first post on the board!

I'm looking into the possibility to print such a hierarchy on a visualforce page:

-Object 1
    * Object 3
    * Object 4
        • Object 5

               # Object 7
        • Object 6

Objects are all of the same type, and relations between them are also stored in the database.

What I did so far is some looping in order to find objects related to each other.

The problem comes up when I want to add the elements the a List.

My idea was to have a List within a List within a List within a List... and loop over this on my page.

But with this part I'm stuck. How adding them to a list?

Purpose would be to have it structured with a parent object next to a list of child objects:

Object 1, List{
    Object 3, null (no list, because no child elements)
    Object 4, List {
            Object 5, List {
                    Object 7, null (no list, because no child elements)
                    }
            Object 6, null (no list, because no child elements)
            }
        }

Is this possible with lists?

Anyone did something similar so far?

Thanks for helping me out!

Hi,

I have configured remote application in my dev org. I have my own server which makes REST calls to SF after user registered his account with my web app through SF OAuth. I do not have app exchange application. I want my customers to be able to use my application on any SF org proffeccional/enterprise/etc... Do i need to do security review even though i do not have app exchange app?

Thanks

Albert

what are the chatter limits and are there governor limit functions to retreive them?

Example is the number of entity subscriber limits of 500. Are there limit functions to get the max limit for a user and their current entity subscription count

Step 1. connection = new EnterpriseConnection(ConnectorConfig) <-Peforms auth and gets session&auth

Step 2. connection.xyz() <- communicates direclty with endpoint with session

- Can step1 be performed in a thread and then have step2 be performed in multiple threads in parallel to do different tasks (assuming no logout() is called and session is not invalidated due to some  other reason)

- Is there a limit to number of times we can say new EnterpriseConnection(ConnectorConfig) and create new sessions?

- Is a better model to:

Step 1. connection = new EnterpriseConnection(ConnectorConfig) <-Peforms auth and gets session&auth

             sessionConfig = connection.getConfig();

Step 2. newConnectionInThread = new EnterpriseConnection(sessionConfig) <- doesn't perform auth again

             newConnectionInThread.xyz() <- communicates direclty with endpoint with session

Thanks.

We are a select SFDC consulting company. We primarily use Pervasive and Scribe but want to expand our expertise.  We have an integration project using Apatar.

What are examples of work you have done with Apatar?

Thank you for your reply! 

Hi all,

I have a problem with merging the date field into the visualforce page.

I used {!Oppr.Entry_Date__c} it displayed "Tue Aug 10 00:00:00 GMT 2010".

I require the format to be "Tue Aug 10 2010".

How to change the format to achieve my requirement.

Any help regarding this will be appreciated.

Thanks in Advance.

Here's the code for the class:

@isTest
private class JSLeadAssignmentTestClass {

    static testMethod void triggertest() {
        //Create new lead record
        Lead l = new Lead(firstname='test' , lastname='apex' , company='Oracle', LeadSource='Jigsaw');
        insert l;
    }   

When using the Apex Test Runner in Eclipse, I receive the error:

EXCEPTION_THROWN|[10,9]|System.DmlException: Insert failed. First exception on row 0; first error: REQUIRED_FIELD_MISSING, Required fields are missing: [Company]: [Company]

Any help would be greatly appreciated

Not sure what would be the best way to achieve this.

There is a custom button in account object. When clicked on that fields of a new custom object is displayed.

The page layout should match standard saleforce layout.

One of the field displayed on the new page is dependant on few fields on the account object.

How do I do this. I was thinking I would call a Visual force page from the custom button. Is that a good idea?

Does anyone know why an email alert triggered from a workflow would not be creating the associated activity history? Emails sent through the interface, through Apex, and through the API are all logged in activity history (when the appropriate information is set). The email alert is set to be sent to the Contact Email (standard) field.

Thanks!

As discussed in Ideas (http://ideas.salesforce.com/article/show/69729) here's a solution we have used for clients to enable customisation of the Clone button on Opportunities. This can be used to selectively choose which fields to copy and set default values:

For full details and the code to clone opportunity Line Items please contact me directly. We will be re-writing this in VisualForce over the coming months to make it futureproof.

Steps to Implement - Admins only

1. Setup -> Customize -> Opportunity -> Buttons and Links

2. Create new custom button called Clone, behaviour is Execute Javascript, Display Type Detail Page Button.

3. Paste in the code below and edit to match your requirements.

4. Remember to add the new button to the Opportunity page layout(s) and hide the original Clone button.

4. Test!

// Copyright 2008 BrightGen Ltd - All Rights Reserved try{ {!REQUIRESCRIPT("/soap/ajax/14.0/connection.js")} // ** EDIT THIS QUERY TO LIST THE FIELDS YOU WANT TO COPY ** var result = sforce.connection.query("Select o.Type, o.StageName, o.Product_Type__c, o.Planned_Opportunity__c, o.MarketSector__c, o.CampaignId, o.Business_Unit__c, o.Amount, o.AccountId From Opportunity o WHERE o.Id = '{!Opportunity.Id}'"); var newOpp = result.getArray("records"); // Reset the Opp Id and reset fields to default values newOpp[0].Id = ''; newOpp[0].Name = "Clone {!Opportunity.Name}"; // ** EDIT THESE FIELDS TO SET DEFAULT ANY VALUES ** newOpp[0].StageName = "1. Prospecting"; newOpp[0].CloseDate = new Date(2099, 0, 1); var saveResult = sforce.connection.create(newOpp); if (saveResult[0].getBoolean("success")) { newOpp[0].id = saveResult[0].id; alert("Opportunity cloned without line items"); } else { alert("Failed to create clone: " + saveResult[0]); } // Refresh the page to display the new oppportunity window.location = newOpp[0].id; } catch (err) { alert (err.description ); }