Find your content:

Search form

You are here

Is it possible to use Customer Portal Authentication in (aka SiteForce)


I have a client who would like to integrate a third party shopping cart into their website. The catch is that in order to complete the purchase, the user must first log into the Customer Portal, and if necessary register as a portal user. I suspect that I can build a branded authentication page using the sitelogin visualforce template, but where I'm a bit unsure of is how all that will fit into

Attribution to: Force2b_Mike

Possible Suggestion/Solution #1

The short answer to your question is Yes, you can. The long answer is as follows:

  • A user visiting your site may view all the pages on your site, but you'd like to control the activities that they are allowed to perform. This new user with no identity or authority is automatically assigned to the guest user profile.
  • You can find out exactly what a guest user can do on the Sites setting page in your org by clicking the Public Access Settings page. This determines the security profile of each and every site visitor before they authenticate.
  • You'd need to do a little bit of coding to bring together Customer Portal and Sites.
  • Set up Customer Portal with login enabled.
  • Customize the login page with a custom visualforce page so that the default login page is not shown
  • Also, enable self-registration for new users under Customer Portal settings so that new users can register using the default SiteRegister VF page. Again, you can script your own page, if you don't like the default page. This will create a portal user.

That's all you need to do to make Customer Portal and work together. If you want more in-depth details check out this developer article. It also lists some best practices.


Attribution to: Anup

Possible Suggestion/Solution #2

Word of caution to you...

Is it OK for the users to see the domain in the URL? If you want to allow users to log in then you have to expose that to them. There is no way around it.

  • sites and Customer Portal do NOT support custom SSL certificates. It is on the roadmap, but who knows when it will be delivered. I'd hope that it would be delivered whenver the support for authentication on (also on roadmap) is delivered.
  • The login form must be submitted over SSL (i.e., you have to set the apex:form's forceSSL="true").

Those two together mean that you have to expose the domain to the end user. This is something that you can only test in production, because custom web addresses are not supported in the sandboxes.

Also, is not available in Sandboxes, so you have to do all of your development directly in production. Or, you can do it in an unrelated Developer Edition. Note that if you choose to do the development of the in production or an unrelated Developer Edition and the Sites + Portal in sandboxes the domains will be different. If you have any sort of Ajax or something like that, that you'd want integrated across both, you will have to go to extra lengths (i.e., something like JSONP) that would only be necessary for development.

My 2 cents. Wait until the custom SSL certs are available. Wait until is made to be more development friendly.

Attribution to: Peter Knolle
This content is remixed from stackoverflow or stackexchange. Please visit

My Block Status

My Block Content