function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
sfdcbynitesfdcbynite 

Pure force.com/VF/Apex vs. Heroku/force.com hydrid

I am really not sure which way to go on this, so I figured I pose the question to the wonderful force.com dev community.

 

I have a client who is looking to build a SaaS product to help customers manage certain tax records. We anticipate a very large volume of users who will be accessing the system if not every day, then every few days and will enter in their data either via a wizard or directly into a form. They will have the ability to view what they have entered as well as create a pdf to give to their tax preparer and, of course, change their personal settings.

 

So my basic inclination as a force.com developer is to use Authenticated User licenses (this is a custom cloud - no CRM - solution) using visualforce and apex (perhaps with flows) for the wizard and entry forms. But maybe heroku is a better way to go, using database.com on the backend to store the data and force.com for the admins. However, at this point, my ruby on rails knowledge is fairly introductory.

 

Also regarding authentication if going to heroku route, is the best thing to create database.com light user accounts for all customers and handle the authentication with Oauth2 or create the users accounts on the front end with a common database.com user accessing and serving up the records? Or just use the id/password flow to gain access to their records?

 

I understand the virtue of the Oauth2 opt-in model, but it does seem like not such a great user experience. If they are coming to my site and logging in, it then looks a little strange to ask then to confirm that the site can access their information. Wasn't that what the login was supposed accomplish (from their point of view)?

 

So any ideas or advise would be much appreciated.

 

Thanks,

Dovid

TheSwamiTheSwami

1) If you want to use database.com for the easy forms, workflows, reports, security, etc. (which is a good idea, IMHO), the question is, what do you hope to gain by using Heroku for the front end?

- If you strongly prefer one of the languages on Heroku, that is a good reason to use it.

Java, Node.js, python and more: http://devcenter.heroku.com/articles/cedar#supported_languages_and_frameworks

- If the pricing of Heroku works better for you, that might be a consideration

 

Having two stacks is going to be more work than one - so if force.com meets all your needs, then that would be a great solution.

 

 

2) If you go with heroku, asking users to grant access to salesforce would not make sense - force.com should be transparent to them.  Using their id/password and authenticating for them makes the most sense.  Since it is your app, and your license to Salesforce that they are using, it is expected that you would handle their username and password - I see no problem with that.

The usual Oauth flow is for allowing a 3rd party to access data on a system that is otherwise private.

 

 

Hope this helps.