function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
Force2b_MikeForce2b_Mike 

Secure Portal Login

I was sure that at some point, it was possible to use a secure site page (https://xxx.secure.force.com/sitename/) to login to the customer portal and remain encrypted. I can still use the secure site URL, however after logging in the user is redirected to the non-encrypted url (http://xxx.force.com/sitename/). 

The "workaround" I found is to change the site_login class to redirect the user the actual portal url including the username/password in the URL:

 

startUrl = 'https://na3.salesforce.com/secur/login_portal.jsp?'
   + 'orgId=00D50000000xxx&portalId=060500000000xxx'
   + '&un=' + username + '&pw=' + password;
retURL = new PageReference(startURL);

 

Though this is technically an encrypted URL, the result is different. For example, sharing a URL such as https://na3.salesforce.com/a1aW00000004D1R has a different result than sharing https://xxx.secure.force.com/sitename/a1aW00000004D1R. If a portal user clicks the first link they're taken to a standard Salesforce login page, however they'll be unable to login because their credentials are for a portal only.

 

Best Regards,

 

Mike

henry smith 2henry smith 2
i appreciate your hard work you spend on writing this unique information. i'm going to share your this hard work on my blog Connections Unlimited (https://connections-unlimited.org/)