Skip to content

Site Setup and Access Settings

Using the JustOn Self-Service Extension you set up a public web application based on Force.com Sites. This section describes how to set up the site and the required security settings.

Info

Contact the JustOn support team to have the JustOn Self-Service Extension installed in your org.

Site Setup

The extension is designed to use a Force.com site exclusively. JustOn recommends not to use it together with other Visualforce pages. You can reuse an existing Force.com site or create a new one.

Creating Site

  1. In Setup, open the Sites page.
    Type Sites in the Quick Find box, or navigate to User Interface > Sites and Domains > Sites.
  2. If necessary, register a domain name.
  3. Click New.
  4. Apply the following settings, then click Save to complete the site creation.
Field Value Notes
Site Label Self Service
Site Name Self Service
Active
Active Site Home Page ONBSE1.Login
Site Template empty
URL Rewriter Class URLRewriter Required for the proper functioning of the payment page.

For the proper functioning of the payment page, you must define the new site's URL as the Base URL.

  1. Copy your new site's URL.
  2. In Setup, open Custom Settings.
    In Salesforce Lightning, navigate to Custom Code > Custom Settings.
    In Salesforce Classic, navigate to Develop > Custom Settings.
  3. Click Manage in the row of Global Settings.
  4. Click Edit in the Default row.
  5. Paste the copied URL into the field Base URL.
    Make sure to end the Base URL entry with a trailing slash /.
  6. Click Save.

Assigning Pages

You must add a number of Visualforce pages to the new site.

  1. Open the Site Details of your site.
    In the Sites list, click the label of the site to open its details.
  2. In the Site Visualforce Pages section, click Edit.
    alt text
    Modifying Visualforce page assignments
  3. Remove the following pages.
    • ForgotPassword
    • ForgotPasswordConfirm
    • SiteLogin
    • SiteRegister
    • SiteRegisterConfirm
  4. Add the following pages.
    • ONB2.InvoicePDF
    • ONBSE1.AmazonLoginHandler
    • ONBSE1.GoogleLoginHandler
    • ONBSE1.Invoices
    • ONBSE1.PaypalLoginHandler
    • ONBSE1.Products
    • ONBSE1.Profile
    • ONBSE1.Subscriptions
  5. Optionally, add the following pages if you want to integrate payment providers like PayPal or Payeezy.
    • ONBSE1.Payment
    • ONBSE1.PaypalBuyerReturn
    • ONBSE1.PaypalIPN
    • ONBSE1.CyberSourceBuyerReturn
    • ONBSE1.CyberSourceNotification
  6. Leave the following default pages enabled.
    • BandwidthExceeded
    • Exception
    • FileNotFound
    • InMaintenance
    • Unauthorized
  7. Click Save.

Public Access Settings

The extension needs access to a number of standard objects and custom objects in order to work correctly. To this end, you must allow/restrict access both on object and field level.

Note

Make sure to grant the access rights as restrictive as possible to avoid inadvertent information disclosure or modification.

Configuring General Object Permissions

  1. Open the Site Details of your site.
    In the Sites list, click the label of the site to open its details.
  2. Click Public Access Settings to open the site profile.
  3. Click Edit.
  4. Apply the following object permission settings, then click Save.

Standard Object Permissions

Object Read Create Notes
Accounts
Contacts
Price Books Required when using master products.
Price Book Entries Required when using master products.
Products Required when using master products.

Custom Object Permissions

Object Read Create Edit Delete View All Modify All
Invoices
Invoice Line Items
Items
Number Ranges
Payments
Prices
Sessions
Styles
Subscriptions
Templates
Trigger Helpers

Note

All other objects must not be selected.

Configuring Field-Level Security for Standard Objects

  1. Open the Site Details of your site.
    In the Sites list, click the label of the site to open its details.
  2. Click Public Access Settings to open the site profile, and scroll to the Field-Level Security section.
  3. Open the field-level security page for Account.
    1. Deselect Read Access and Edit Access for all fields.
    2. Select Edit Access for the fields that you want your users to be able to modify on their profile page.
    3. Select Edit Access for the field Billing Address.
    4. Click Save.
  4. Open the field-level security page for Contact.
    1. Deselect Read Access and Edit Access for all fields.
    2. Select Edit Access for the fields that you want your users to be able to modify on their profile page.
    3. Select Edit Access for the fields Account Name, Email, External User Id, Identity Provider, Phone.
    4. Click Save.
  5. When using master products, open the field-level security page for Price Book, Price Book Entry and Product.
    1. Select Read Access for all fields.
    2. Click Save.

Configuring Field-Level Security for Custom Objects

  1. Make sure that all fields of the following custom objects are visible.
    The Read Access and Edit Access is handled by the general object permissions.
    • Invoices
    • Invoice Line Items
    • Items
    • Number Ranges
    • Payments
    • Sessions
    • Styles
    • Subscriptions
    • Templates
    • Tiers
    • Trigger Helpers

Configuring Additional Permissions for Payment Provider Integration

Info

To apply this configuration, your site must be set active.

To successfully finish a payment, the site guest user needs additional permissions. To set the needed permissions:

  1. Open the Site Details of your site.
    In the Sites list, click the label of the site to open its details.
  2. Click Public Access Settings to open the site profile.
  3. Click View Users.
  4. Open the details of the Site Guest User, and scroll to the Permission Set Assignments section.
  5. Click Edit Assignments.
  6. Select the permission set PaymentGuest, and click Add.
  7. Click Save.

In addition, you must configure permissions for the Balance object to allow for completing a payment.

Note

To do so, make sure to have the Enhanced Profile User Interface enabled.

  1. Open the Site Details of your site.
    In the Sites list, click the label of the site to open its details.
  2. Click Public Access Settings to open the site profile.
  3. Click Object Settings > Balances > Edit.
    This displays the permission for the Balance object.
  4. Enable the Read, Create and Edit permissions.
  5. Enable Edit Access for all fields.
  6. Click Save.

Assigning JustOn License

The user of the Force.com site needs a JustOn license.

  1. Open the Site Details of your site.
    In the Sites list, click the label of the site to open its details.
  2. Click Public Access Settings to open the site profile.
  3. Click View Users.
  4. Open the details of the Site Guest User, and scroll to the Managed Packages section.
  5. Click Assign Licenses.
  6. Select the JustOn package, and click Add.