Resolve ANT with Dollar Signs ($$) on Variables

Quick little tip. On my Ant deployment script for Salesforce I run into an issue where my password which was assigned to a variable contained double dollar sign characters. Ant would by default strip out any string with ‘$$’ sign into ‘$’ because it was expecting a value.

This caused my password to stop working.

I ended up breaking my password into two variables.

from

sf.password = time$$machine

to

sf.password = time$

sf.password2 = machine

Then on my build.xml file, I created a new property to store the dollar value and updated the passwordToken property.

<property name="dollar" value="$" />
<property name="passwordToken" value="${sf.password}${dollar}{sf.password2}${sf.token}"/>

That is the post for the day.

How To Create A Profile Map for Custom SOQL in Boomi Salesforce Connector

Been working on Boomi platform for couple months now and here to share a quick tip that I learned earlier. Since Boomi now support Custom SOQL for an operation it however looses the XML profile when you import an object.

The profile can easily be fixed by doing the following.

  1. Add a Message shape and add your SOQL
  2. Add Salesforce Connector
  3. Add an Operation and click on Advanced link and choose Custom SOQL
  4. Save and run the process
  5. Inspect the logs and copy the xml and save it as a file
  6. Create a new mapping shape
  7. On the Left mapping click on Choose
  8. On Profile type select XML and choose Create New Profile
  9. Click on Import Profile
  10. Select your saved file and you are set.

 

Here is how my process looks like.

 

Give it a try!

 

Passed the Identity & Access Management Designer Certification (Achieved System Architect)

Just passed the last certified Identity and Access Management Designer to get the Certified System Architect certification. My method of studying seems to be working and would like to share my methods and notes.
Early this year at the 2nd part I made a goal to start the Technical Architect journey and get a certified every month . The method I’ve been doing is really easy, I book a date one month in advance and spend at least and hour or two reading the materials I need. I use technique called Pomodoro using an online tool kanbanflow.com and concentrate on a learning a concept. I try to do this at least everyday either before bed or I missed it for that evening I try to get up early in the morning. So far this has worked great for me as I have now a Certified System Architect.
Now about the Identity and Access Management exam. This is like the rest of the exam which is 60 + 5 extra multiple choice question. You are given 120 minutes and passing is 65%.
Honestly this was a hard exam. Best if you have done implementation of it. I wasn’t that confident I would pass the exam when I hit the Submit button.

Here are my notes about the key parts of the exam:< o the this trialmix and nail down it to 100%. - https://trailhead.salesforce.com/users/00550000006yDdKAAU/trailmixes/architect-identity-and-access-management

Authentication and Authorisation – basically who you are (credentials) and what you are allowed to do
Different OAuth Flows:
  • User Agent Flow
  • Web Server Flow
  • JWT Bearer Token Flow
Idp and SP Initiated Flow
  • Heaps of questions on IDP initiated and SP Initiated Flow (3-4)
  • Idp Initiated SAML is when
  • SP Initiated SAML is
  • Which SSO flow can use deep Linking
  • Use of Entity Id and Login URLs
Connected App and Managing Policies
  • Different types of scopes for OAuth and when to use them
  • Refresh Token Policy
  • User Provisioning – keeping users in sync
  • Custom Connected App Handler
2 Factor Authentication and Login Flows
  • When to use 2 factor and how login flows can be used for different scenarios
SSO Settings and My Domain
  • JIT User Provisioning
  • Login
  • Auth Providers
Federated SSO
Delegated SSO
Social SSO
Security
  • Login IP ranges
  • Trusted IP uses
Canvass Apps
Identity Connect
App Launcher
Auth Provider Setup
Active Directory
I’ll continue to enrich this post as I recall some of the other stuffs.

How to Setup Social Single Sign On in Salesforce

On this tutorial. I’ll walk through to the steps needed to setup Social Single Sign On with LinkedIn to Salesforce.

Do the following Salesforce steps first then we run over next LinkedIn steps.

Login to Salesforce and go to Setup and search for Auth Provider

When creating an Auth Provider – you can have Salesforce auto manage the values for a Auth Provider.

    • Select the Provider and Provide Name and URL Suffix
    • On the Registration Handler section click on Automatically create a registration handler template – you would need to edit this later
    • Hit Save.
    • Create an Account, then make sure the Account Owner has a role assigned
    • Next, let’s edit the AccountHandler auto generated for us.
    • You can grab the code from github and replace the handler – https://github.com/olopsman/salesforce-identity-registration-handler/blob/master/RegistrationHandlerTemplate
    • Update the following Constants to match your org and Community Profile name

private static final String ORG_SUFFIX = '.sso.dang.org';
private static final String DEFAULT_ACCOUNTNAME = 'Dang Channel';
private static final String EXTERNAL_USER_PROFILE = 'Customer Community User';

  • Next go to Communities Setup and for members grant the profile access to the community
  • Next to to Login and Registration and enable the LinkedIn or social sign on platform you want to configure.
  • Then finally copy the community URL

 

Next would be to create an application in your Social account LinkedIn. The steps would be similar for other like Google, Twitter and Facebook. Go developer.linkedin.com and create an App.

Give your name and app and fill in the required fields. Paste the community URL to the website URL so after authentication it knows where to redirect the page.

 

Note: you will notice that creating an app also creates a consumer key and secret, since we left these values blank in Salesforce as this was auto managed for us. You can copy the consumer key and secret to the Auth Provider section if you want to override this.

Go to your community URL and you should see LinkedIn option to login. Click on that to login to LinkedIn and authorize Salesforce to access your info. After authorization you would be redirected back to the community logged in. And bedind the scenes you have been created as a contact and user in Salesforce.

Notes on Provisioning Communities Users in Salesforce

I learned the different methods to provision external users in Salesforce.

* You can create Customers and Partners

* depending on account type you can create certain users
* personaccount and contact – customers
* account – partner/customer
* Account owner must have a role
* You can manually create contact and enable as customer or partner
* Partners have roles when enabled
* You can self register

* assign the profile in setup or
* assign in the selfregister code this overrides the setup
* assign the role
* assign the account
* You can sign up via API using the following methods

* createPortalUser
* createPersonAccountPortalUser
* Social sign on to provision a user –
* You can Just in time provision using SAML

* combine saml with more attributes and SSO to provision a user
* SAML Subject NameId as the Federation ID
* does not work for PersonAccount
* Contact email must be unique accross all even none external users
* account name and number must be unique or causes duplicate error
* Data loader
* Bulk Provisioning via API

* use same api methods – can you pass bulk here? api limits apply
* Identity Connect with Active Directory

https://developer.salesforce.com/blogs/developer-relations/2014/06/how-to-provision-salesforce-communities-users.html