Venkat Kali 8

Cannot activate a disabled portal user error - SSO

We have Single Sign-On set up in our org through Auth Providers. We have a partner, and we have an integration set up with their Salesforce instance. They provide support for our cases in Salesforce. When a ticket is created in our instance, we send the ticket information to their SF instance along with the SSO URL for the ticket in our partner community. The partner users click the link from their SF instance to log in to our partner community by means of SSO. We have a registration handler set up for the auth provider.

When a deactivated user clicks the link, the code activates the deactivated user. But since I had disabled the portal user instead of deactivating them, the code throws the error 'cannot deactivate the portal user' when they click the SSO URL in their SF instance. Since their credentials are tied to the disabled user, I am not able to figure out how to get around this so that they can log in through SSO as before.

I have read through many articles, and all I could find was that a disabled portal user cannot be activated. My question to you is: is there any way we can activate those users? Or is there a workaround you would suggest to resolve the issue without affecting the users who are able to SSO successfully? It would be helpful if we could delete users in SF, but I know that is not possible. Please advise me. Thanks!

The Single Sign-On Initialization URL we sent over to partners is https://login.salesforce.com/services/auth/sso/00D300000006pcOEAQ/Vecna_Portal?community=https://vecna.force.com/partners&startURL=/' + c.Id

Apex Class:

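/**
 * Registration handler for the SSO auth provider used by the partner community.
 *
 * createUser() maps the identity asserted by the provider to a Contact under the
 * 'Taos' account and to a community User with the 'Taos Community User' profile;
 * updateUser() refreshes an already-linked User on each later login.
 *
 * NOTE(review): this handler provisions a Contact and a User for whatever identity
 * the auth provider asserts. debug() logs organization_id, but nothing here compares
 * it with the partner's org id. Confirm that the provider itself restricts who can
 * sign in, or add an explicit allow-list check before provisioning.
 */
global class TaosRegistrationHandler implements Auth.RegistrationHandler {
    // See: http://www.salesforce.com/us/developer/docs/apexcode/Content/apex_auth_plugin.htm

    /**
     * Builds (without inserting) the community User for a first-time SSO login.
     * Re-uses the newest Contact under the 'Taos' account whose Email equals the
     * asserted username, creating and inserting a Contact when none exists.
     *
     * @param portalId id passed in by the platform; not used here
     * @param data     identity attributes asserted by the auth provider
     * @return the existing User linked to the Contact, or a new unsaved User
     * @throws TaosRegistrationHandlerException if the asserted username is blank,
     *         or the 'Taos' account or the community profile cannot be found
     */
    global User createUser(Id portalId, Auth.UserData data) {
        debug('createUser', data);
        requireUsername(data);

        // Query into a list so a missing account produces a clear handler error
        // instead of the generic "no rows for assignment" QueryException.
        List<Account> accounts = [SELECT Id FROM Account WHERE Name = 'Taos' LIMIT 1];
        if (accounts.isEmpty()) {
            throw new TaosRegistrationHandlerException('Could not find the Taos account');
        }
        Account taosAcct = accounts[0];

        // The asserted username is the only key used to link to an existing Contact.
        List<Contact> contacts = [SELECT Id FROM Contact WHERE Email = :data.username AND AccountId = :taosAcct.Id ORDER BY CreatedDate DESC];
        Contact contact = contacts.isEmpty() ? null : contacts[0];

        if (contact == null) {
            contact = new Contact(
                FirstName = data.firstName,
                LastName = data.lastName,
                Email = data.username,
                AccountId = taosAcct.Id
            );
            insert contact;
        }

        List<User> users = [SELECT Id,IsActive,Email,Username,FirstName,LastName,Alias,CommunityNickname,ProfileId,
            ContactId,LocaleSidKey,LanguageLocaleKey,TimeZoneSidKey,EmailEncodingKey FROM User WHERE ContactId = :contact.Id];
        User user = users.isEmpty() ? null : users[0];

        if (user == null) {
            List<Profile> profiles = [SELECT Id FROM Profile WHERE Name = 'Taos Community User'];
            if (profiles.isEmpty()) {
                throw new TaosRegistrationHandlerException('Could not find a Community user profile');
            }
            Profile profile = profiles[0];

            // left(6) returns the whole string when it is shorter than six characters,
            // where substring(0, 6) would throw; fall back to the username when the
            // provider sends no separate email attribute.
            String aliasSource = String.isBlank(data.email) ? data.username : data.email;
            String alias = 'T_' + aliasSource.replace('@', '').left(6);
            String nickname = data.attributeMap.get('display_name');

            user = new User(
                Email = data.username,
                Username = data.username + '.sso',
                Alias = alias,
                CommunityNickname = nickname,
                ProfileId = profile.Id,
                ContactId = contact.Id
            );
        }

        updateUserSobject(user, data);

        return user;
    }

    /**
     * Refreshes the linked User from the asserted identity on a repeat SSO login.
     *
     * @param userId   id of the User already linked to this external identity
     * @param portalId id passed in by the platform; not used here
     * @param data     identity attributes asserted by the auth provider
     * @throws TaosRegistrationHandlerException if the asserted username is blank
     */
    global void updateUser(Id userId, Id portalId, Auth.UserData data) {
        debug('updateUser', data);
        requireUsername(data);

        User user = new User(Id = userId);
        updateUserSobject(user, data);
        // This DML also carries IsActive = true (set in updateUserSobject). For a user
        // whose portal access was disabled the platform rejects it, which is the error
        // reported for this handler.
        update user;
    }

    /**
     * Copies the asserted identity attributes onto the given User record.
     * Does not perform DML; callers decide whether to insert or update.
     */
    void updateUserSobject(User user, Auth.UserData data) {
        //deactivateOldestUser();
        user.FirstName = data.firstName;
        user.LastName = data.lastName;
        user.Email = data.username;
        user.Username = data.username + '.sso';
        user.LocaleSidKey = data.locale;
        user.LanguageLocaleKey = data.attributeMap.get('language');
        user.TimeZoneSidKey = 'America/Denver'; // TODO
        user.EmailEncodingKey  = 'ISO-8859-1';
        // NOTE(review): every successful SSO login re-activates the user, so
        // deactivating a user in this org does not by itself revoke SSO access while
        // the partner identity still authenticates. Decide whether that is intended;
        // if deactivation should be honoured, check IsActive before setting it here.
        user.IsActive = true;
    }

    /**
     * Rejects an assertion without a username. The username is the key for Contact
     * matching and for the generated User.Username; a null value would match Contacts
     * that have no Email and would produce the literal username 'null.sso'.
     */
    void requireUsername(Auth.UserData data) {
        if (String.isBlank(data.username)) {
            throw new TaosRegistrationHandlerException('Auth provider did not supply a username');
        }
    }

    /**
     * Writes the calling context and the asserted org id, user id and username to the
     * debug log. These are user identifiers; keep debug log access restricted.
     */
    void debug(String context, Auth.UserData data) {
        system.debug('§ ' + context);
        system.debug('§ organization_id ' + data.attributeMap.get('organization_id'));
        system.debug('§ user_id ' + data.attributeMap.get('user_id'));
        system.debug('§ username ' + data.attributeMap.get('username'));
    }

    /*
    void deactivateOldestUser() {
        List<User> taosUsers = [select id from user where profile.name = 'Taos Community User' and isactive = true AND lastlogindate != null order by lastlogindate ASC];
        if(!taosUsers.isEmpty() && taosUsers.size() > 11) {
            User u = new User(Id = taosUsers[0].Id);
            u.IsActive = false;
            update u;
        }
    }
    */

    // Raised for configuration or assertion problems that should stop the SSO login.
    class TaosRegistrationHandlerException extends Exception{}
}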