Tuesday, November 20, 2012

POSTing sensitive data over VisualForce

The Problem

My current project has a requirement for passing credentials from SFDC to an external site for auto-logging in users.  The requirement is a bit different from SSO, as these are Sales support representatives needing to log in to their customer's orgs for troubleshooting purposes.  The credentials are inherently sensitive, since they are username and passwords.

The current legacy system simply posts the credentials to a Cold Fusion form over HTTPS.  To mimmick this functionality, making it slightly more secure I implemented the following:
  The client's integration into SFDC stores the username / password data in encrypted fields, only allowing the System Admin to view the password data.  Secondly, the auto login function does its best to obscure the private information.  Furthermore, the auto login must be an HTTP POST to a form, rather than an HTTP GET.

Posting from VisualForce

POSTing from Visualforce is a bit tricky.  There's no real good way of going about it.  I've gotten comments on twitter (@dancinllama, by the way) regarding using the action parameter to do a HTTP callout on load.  However, the VF action also has to redirect to the page keeping the user logged in.  When I attempted this route, the browser never maintained the session.  Perhaps I was doing something wrong here, but I decided to go with a different solution.

In order to POST from Visualforce, I created a simple form with a username and password field.  The form was a straight HTML form, not utilizing the standard VF component.  On page load, JavaScript submits the form (to an HTTPS URL) and auto-logins the user.

Security through Obfuscation

The form itself was simple, but lead to a potential security flaw:  What if a "hacker" viewed the HTML source?  Even though the form input utilizes type="password" for masking in the UI, any schmuck can view the source and see the password in plain text.  Ruh-roh.  The solution was to utilize @RemoteAction call to populate the password value before the form was submitted.

The Code

Below is the simple @RemoteAction method.  Since the method is static, I had to pass in three variables to perform a dynamic query for retrieving the password on the fly.


  @RemoteAction
  public static String getPass(String field, String apiName, String recordId){
    String ans = null;
    try{
      sObject sobj = Database.query('Select ' + field + ' From ' + apiName + ' Where Id=:recordId');
      ans = (String)sobj.get(field);
    }catch(Exception e){}
    return ans;
  }

The remote action is called on page load from the VisualForce page using javascript wizardry, which passes in the object api name, the field api name, and the id of the record to query.



<form method="post" id="uform" name="uform" action="{!url}">  <input type="text" name="username" value="{!username}" />  <input type="password" name="password" value="" />  <input type="submit" value="Submit" /></form>



<script type="text/javascript"> function getPass() {
   Visualforce.remoting.Manager.invokeAction(
     '{!$RemoteAction.MyClass.getPass}',        '{!passwordFieldName}'        '{!objectApiName}'        '{!recordId}',        function(result, event){
          if(event.status){
            document.getElementById('pass').value=result;
            document.uform.submit();
          }
        },
        {escape: true}
    );
}
if(window.attachEvent){
    window.attachEvent("onload",getPass);
}else{    window.addEventListener("load",getPass, false);
}
</script>


Although it's a bit clumodgeony, it gets the job done.  The end result is the user is redirected to "url" and if they have valid credentials, are logged into the external system.  If you have any questions, comments, or critiques, please leave them below or ping me on twitter (@dancinllama).








Posted by at No comments:

Thursday, May 17, 2012

Overriding Approval Button Label

I had a recent need for override the label of the 'Submit for Approval' button, which is enabled by creating an approval process on an object out of the box in Salesforce.  Unfortunately, since the Submit for Approval is sort of generic across different objects, there is no way of overriding the label through Setup->Customize->Tab Names and Labels.

The solution is to implement a two line VF page and hook it up to it's own button, complete with the new label.  The VF page still uses standard out of the box functionality, and no apex was used nor harmed during this customization.  

The trick is to utilize the $Action global variable.  If you take a look at the Name of the Submit For Approval button on the page layout, you should find the name of the button/action is "Submit".  Going forward with this, I created the following simple Visualforce page:

<apex:page standardController="Case" action="{!URLFOR($Action.Case.Submit,case.Id)}">
apex:page>

Note that utilizing the action parameter is considered a CSR security risk and will be flagged if you depend on packaging up the Visualforce page.

After the Visuaforce page is created, the next step is to create a custom detail page button, opening the page in existing window with sidebar.  Set the label on the button to the text you desire.  Finally, modify the page layout(s) and replace the 'Submit for Approval' button with your custom VF button.

There you have it, an easy-peasy way to "override the label" using (mostly) out-of-the-box functionality.
Posted by at No comments:
Labels: , , , , , ,

Friday, January 6, 2012

Adding a default value for Campaign Standard Field

Scenario: Without needing to enter the Campaign Name field on the edit Campaign screen, have a trigger define the Campaign Name field based on a formula like criteria.


Problem:  The Name field is required on the Campaign, and saving the page layout fires a field validation rule before the before update trigger runs.  Furthermore, there is no option to provide a default value for the Name field unlike custom text fields.


Solution: Feed a dummy data value into the Campaign name through a custom Visualforce solution.  The solution involves overriding the New button on the Campaign and directing the user to the Campaign edit page with the Campaign name pre-populated, allowing the campaign to save and fire the trigger.


Step 1) Create a Controller extension to prepopulate the Campaign Name:


Apex controller extension (CampaignExtension.cls):
public with sharing class CampaignExtension {

  public CampaignExtension(ApexPages.StandardController stdController) { 
  }
  
  public PageReference gotoUrl(){
    PageReference pageRef = new PageReference('/701/e');
    Map params = pageRef.getParameters();
    params.put('nooverride','1');
    params.put('RecordType',recordType);
    //See notes below
    params.put('cpn1','Campaign Name');
    return pageRef;
  }
}



** Notes:  
The 'cpn1' parameter is related to whichever field to default.
Viewing the HTML source of the Campaign edit screen reveals that the HTML id of the Name field is 'cpn1', hence the cpn1 parameter for the Campaign Name field.

Step 2) Create a VF page:


<apex:page standardController="Campaign" 
  extensions="CampaignExtension" 
  action="{!gotoUrl}" />

Step 3) Override standard new button for Campaign:
  1. Setup->Customize->Campaigns->Buttons and Links
  2. Click Edit next the standard New button
  3. Select the Visualforce Page radio button and select the Visualforce page from Step 2 above.
  4. Validate that "Skip Record Type Selection Page" is unchecked. 
  5. Save the override properties
Wa-la, you should have a mechanism to set the default value for a required standard field on a standard object.






Posted by at No comments:
Labels: , , , , , , , ,
Subscribe to: Posts (Atom)