13.0.11 Guest User Access using stored credentials

@AnnaO @Rob_Clough

Hey guys we are getting closer to the forced change, anything else i can try, do you guys want access to sandbox?

Let me know

Thx

@Anna_Wiersema @Rob_Hatch

Hey guys we are getting closer to the forced change date limit, anything else i can try, do you guys want access to sandbox?

Let me know

Thx

@Anna_Wiersema

Hey Guys In the meantime I was waiting for suggestions, I actually created a new Sandbox and recreated whole process and it seems to work fine now!

I guess updating from 12.2.19, to 13.0.11 broke something…

In case makes a difference the new sandbox is on Skuid version: 13.0.12

Now to try on prod and hope all goes well :slight_smile:

Thank you

Super glad you were successful. Sorry we haven’t had the bandwidth to do a lot of deep debugging of your configuration. It is complicated in the SFDC side.

And finally - we do hope the prod implementation is successful.

Would love to see your public site… (I always love seeing Skuid in the wild)

@Rob_Hatch

Funny i was just typing this when I saw your message.

Everything went perfectly in sandbox , but now been trying since yesterday to do exact same setting sin prod, 3 times now and always the same issue: whenever I try to use the new externalSF DSO i get authentication failed.

This is just driving me crazy , as i double and triple check everything is exactly the same as in Sandbox.

Only 1 thing i noticed different, is when i create the DSO, it tries to create the Authentication providers on it’s own, and i see a an error message that goes away too quickly for me to read completely and copy it , but an error creating remote setting basically.

I tried creating it manually, that did not work, So i tried creating the authentication provider myself (not from the new DSO setup) and this time it creates the remote setting properly it seems, but still same issue.

And yes I would love to show you the public site anytime!

maybe we can have a quick screenshare so we can do both same time?

Let me know

@Anna_Wiersema @Rob_Hatch

Hey Guys is anyone else experiencing the same issue setting it up in prod?

I’m starting to panic, we are 3 days away from Spring release and it still not working for me at all in prod

please help me

Thx

@Anna_Wiersema @Rob_Hatch @Skuid_IT @skuid

Hey, me again after spending the whole day trying to troubleshoot this, I was able to pinpoint exact issue, but no clue how to fix it, as it may be a backend issue, according to my dev.

The Authentication issue happens only in production when i use the Auth Grant Type as Resource Owner Password Credentials. If i use Authorization code, the skuid page can connect to this DSO but unfortunately this doe snot fix the reason we are doing this, guest user (with stored credentials)

Hope this can help you guys help me with this urgent issue pls

Thx

As well forgot to mention we are on latest skuid release (13.0.13)

And that i tried the stored credentials with different users, even me as admin… and still failing to authenticate

Hi Guys,

I was finally able to fix this issue, and the problem is incomplete documentation.

As a desperate last attempt today, I tried adding the SF user Security Token after password in the stored credentials and that fixed the issue in production. This is not required in sandbox

Nowhere in the documentation is that point mentioned. That just cost me almost 3 days of losing hair :frowning:

Ah, yep. Sorry, @Dave ! I managed to discover that last week when I was first setting up, but I didn’t make the connection to the problem you were having. :frowning:

Definitely needs a documentation update!

@Matt_Sones @skuid @Rob_Hatch @Anna_Wiersema

Hey Guys , all was working fine on Friday and now over the weekend SF pushed the new Release and now all of a sudden the External Data source won’t work at all. I tried even with authorization code and stored credentials, but cannot connect to data source

Is anyone having similar issues?

@Dave

  1. what a bummer!

    Is it still working in your Spring '21 Sandbox?

  2. Can you look at status.salesforce.com for both of your instances and let us know which patch of Spring '21 each is on?
  3. If your Sandbox site is no longer working, do you happen to remember which patch it was on when it worked?
  4. Is the external data source not working just in the public facing site, or also when you're logged into Salesforce and previewing the Skuid page?

@Anna_Wiersema It can connect to the External Data Source in Sandbox with no issue, but site page gives same error even from sandbox. All was working perfectly fine last week on both environment (on production it was running live with external SF DSO since thursday)

Any way you can assist me please, this is a huge issue and affecting us big time already?

Hi @Dave

  • ,

    What is the error message you are seeing on your site?

  • Can you look at status.salesforce.com for both of your instances and let us know which patch of Spring '21 each is on?
  • Do you know what Spring '21 patch your Sandbox was on when it was working?
  • On our end I’ve verified that this use case works in Spring '21. The use cases I checked were public Force.com Sites on

    v2 - Boston (13.0.14) - Spring '21 Patch 8.5

  • v1 - Boston (13.0.8) - Spring '21 Patch 8.6

@Anna_Wiersema

Hey Thank you for your assistance.

  1. The error we get is: Authorization Required: You must first log in or register before accessing this page.

If you have forgotten your password, click Forgot Password to reset it.

  1. Production is on 13.0.13 - Spring '21 Patch 8.5

Sandbox is on same skuid version, but no idea on patch at moment it was working (atm it’s on Spring '21 Patch 8.5)

  1. I completely rebuilt Data source , authentication., app … and now in prod i can connect to External SF as data Source

But the guest user cannot access public page with stored credentials

Public guest user & Skuid user, have been shared via Guest Sharing the Skuid page, the records, the VF page that handles redirect to the skuid page.

But i think maybe this is where the issue lies at this point. As if i use a test VF page , guest user can see it. So so far i’ve pinpointed issue with the following VF page: (even though it was all working fine last week in prod & sandbox with the same markers)

<apex:page standardController="Offer__c"
extensions="skuid.Redirects" action="{!redirect}?page=Site_offers">
</apex:page>


Are these markers incorrect? Do i have to give guest user access to a class or something else for redirect permissions?
As well here's the Debug log when Guest user tries to access page


20.0 APEX_CODE,FINEST;APEX_PROFILING,FINEST;CALLOUT,FINEST;DB,FINEST;NBA,INFO;SYSTEM,FINE;VALIDATION,INFO;VISUALFORCE,FINER;WAVE,INFO;WORKFLOW,FINER
14:59:32.0 (150336)|USER_INFO|[EXTERNAL]|00540000003ZNMH|skuidsitetest@capitallynk.force.com|Greenwich Mean Time|GMTZ
14:59:32.0 (253568)|EXECUTION_STARTED
14:59:32.0 (290666)|CODE_UNIT_STARTED|[EXTERNAL]|066400000004VcI|VF: /apex/Unauthorized
14:59:32.0 (28521280)|VF_EVALUATE_FORMULA_BEGIN|066400000004VcI|#{AND(ISPICKVAL($User.UserType,'Guest'), $Site.LoginEnabled)}
14:59:32.0 (35087886)|VF_EVALUATE_FORMULA_END
14:59:32.0 (35136909)|VF_EVALUATE_FORMULA_BEGIN|066400000004VcI|#{NOT(ISPICKVAL($User.UserType,'Guest'))}
14:59:32.0 (35212571)|VF_EVALUATE_FORMULA_END
14:59:32.0 (35345120)|VF_EVALUATE_FORMULA_BEGIN|066400000004VcI|#{$Site.LoginEnabled && ISPICKVAL($User.UserType,'Guest')}
14:59:32.0 (35386511)|VF_EVALUATE_FORMULA_END
14:59:32.0 (36534602)|VF_EVALUATE_FORMULA_BEGIN|066400000004VcI|#{$Site.Prefix}/img/sites/force_logo.gif
14:59:32.0 (36573932)|VF_EVALUATE_FORMULA_END
14:59:32.0 (36647038)|VF_EVALUATE_FORMULA_BEGIN|066400000004VcI|#{AND(ISPICKVAL($User.UserType,'Guest'), $Site.LoginEnabled)}
14:59:32.0 (36699811)|VF_EVALUATE_FORMULA_END
14:59:32.0 (36707715)|VF_EVALUATE_FORMULA_BEGIN|066400000004VcI|#{NOT(ISPICKVAL($User.UserType,'Guest'))}
14:59:32.0 (36728727)|VF_EVALUATE_FORMULA_END
14:59:32.0 (36891838)|VF_EVALUATE_FORMULA_BEGIN|066400000004VcI|#{URLFOR($Resource.SiteSamples, 'img/clock.png')}
14:59:32.0 (37427829)|VF_EVALUATE_FORMULA_END
14:59:32.0 (37485697)|VF_EVALUATE_FORMULA_BEGIN|066400000004VcI|#{URLFOR($Resource.SiteSamples, 'img/unauthorized.gif')}
14:59:32.0 (37571486)|VF_EVALUATE_FORMULA_END
14:59:32.0 (37874279)|VF_EVALUATE_FORMULA_BEGIN|066400000004VcI|#{$Site.LoginEnabled && ISPICKVAL($User.UserType,'Guest')}
14:59:32.0 (37914983)|VF_EVALUATE_FORMULA_END
14:59:32.0 (38948476)|VF_EVALUATE_FORMULA_BEGIN|066400000004VcI|#{URLFOR($Resource.SiteSamples, 'img/poweredby.png')}
14:59:32.0 (39020002)|VF_EVALUATE_FORMULA_END
14:59:32.0 (39536530)|VF_EVALUATE_FORMULA_BEGIN|066400000004VcI|#{URLFOR($Resource.SiteSamples, 'img/poweredby.png')}
14:59:32.0 (39619144)|VF_EVALUATE_FORMULA_END
14:59:32.0 (40293206)|VF_EVALUATE_FORMULA_BEGIN|066400000004VcI|#{AND(ISPICKVAL($User.UserType,'Guest'), $Site.LoginEnabled)}
14:59:32.0 (40389114)|VF_EVALUATE_FORMULA_END
14:59:32.0 (40404407)|VF_EVALUATE_FORMULA_BEGIN|066400000004VcI|#{NOT(ISPICKVAL($User.UserType,'Guest'))}
14:59:32.0 (40448541)|VF_EVALUATE_FORMULA_END
14:59:32.0 (40481552)|VF_EVALUATE_FORMULA_BEGIN|066400000004VcI|#{$Site.LoginEnabled && ISPICKVAL($User.UserType,'Guest')}
14:59:32.0 (40511878)|VF_EVALUATE_FORMULA_END
14:59:32.0 (41556347)|VF_EVALUATE_FORMULA_BEGIN|066400000004VcI|#{URLFOR($Resource.SiteSamples, 'SiteStyles.css')}
14:59:32.0 (41613433)|VF_EVALUATE_FORMULA_END
14:59:32.0 (41641331)|VF_EVALUATE_FORMULA_BEGIN|066400000004VcI|#{AND(ISPICKVAL($User.UserType,'Guest'), $Site.LoginEnabled)}
14:59:32.0 (41689316)|VF_EVALUATE_FORMULA_END
14:59:32.0 (41697514)|VF_EVALUATE_FORMULA_BEGIN|066400000004VcI|#{NOT(ISPICKVAL($User.UserType,'Guest'))}
14:59:32.0 (41719080)|VF_EVALUATE_FORMULA_END
14:59:32.0 (41740789)|VF_EVALUATE_FORMULA_BEGIN|066400000004VcI|#{$Site.LoginEnabled && ISPICKVAL($User.UserType,'Guest')}
14:59:32.0 (41756499)|VF_EVALUATE_FORMULA_END
14:59:32.0 (42035729)|VF_EVALUATE_FORMULA_BEGIN|066400000004VcI|#{URLFOR($Resource.SiteSamples, 'SiteStyles.css')}
14:59:32.0 (42078388)|VF_EVALUATE_FORMULA_END
14:59:32.0 (42100172)|VF_EVALUATE_FORMULA_BEGIN|066400000004VcI|#{AND(ISPICKVAL($User.UserType,'Guest'), $Site.LoginEnabled)}
14:59:32.0 (42138489)|VF_EVALUATE_FORMULA_END
14:59:32.0 (42145744)|VF_EVALUATE_FORMULA_BEGIN|066400000004VcI|#{NOT(ISPICKVAL($User.UserType,'Guest'))}
14:59:32.0 (42163874)|VF_EVALUATE_FORMULA_END
14:59:32.0 (42182323)|VF_EVALUATE_FORMULA_BEGIN|066400000004VcI|#{$Site.LoginEnabled && ISPICKVAL($User.UserType,'Guest')}
14:59:32.0 (42196923)|VF_EVALUATE_FORMULA_END
14:59:32.43 (43944229)|CUMULATIVE_LIMIT_USAGE
14:59:32.43 (43944229)|LIMIT_USAGE_FOR_NS|(default)|
  Number of SOQL queries: 0 out of 100
  Number of query rows: 0 out of 50000
  Number of SOSL queries: 0 out of 20
  Number of DML statements: 0 out of 150
  Number of Publish Immediate DML: 0 out of 150
  Number of DML rows: 0 out of 10000
  Maximum CPU time: 0 out of 10000
  Maximum heap size: 0 out of 6000000
  Number of callouts: 0 out of 100
  Number of Email Invocations: 0 out of 10
  Number of future calls: 0 out of 50
  Number of queueable jobs added to the queue: 0 out of 50
  Number of Mobile Apex push calls: 0 out of 10

14:59:32.43 (43944229)|TOTAL_EMAIL_RECIPIENTS_QUEUED|0
14:59:32.43 (43944229)|CUMULATIVE_LIMIT_USAGE_END

14:59:32.0 (44044491)|CODE_UNIT_FINISHED|VF: /apex/Unauthorized
14:59:32.0 (44057884)|EXECUTION_FINISHED
14:59:32.45 (45651380)|CUMULATIVE_PROFILING_BEGIN
14:59:32.45 (45651380)|CUMULATIVE_PROFILING|No profiling information for SOQL operations
14:59:32.45 (45651380)|CUMULATIVE_PROFILING|No profiling information for SOSL operations
14:59:32.45 (45651380)|CUMULATIVE_PROFILING|No profiling information for DML operations
14:59:32.45 (45651380)|CUMULATIVE_PROFILING|No profiling information for method invocations
14:59:32.45 (45651380)|CUMULATIVE_PROFILING_END


  
Hope this is enough info to find issue, if want to do a screenshre or need me to shared access, let me know

Thx

               

@DaveI’m not using redirects, and I’m not using standard controlllers, so I’m not sure if the use case is the same. I’m successfully using the skuid:page vf component, like so:

<apex:page readonly="true"
  showheader="false"
  sidebar="false"
  doctype="html-5.0"
  title="Your Title Here">
    <skuid:page page="Your_Skuid_Page_Here"/>
</apex:page>

Thank you for that Matt, but unfortunately it did nto work for me, user still getting unauthorized acess

as well in one documentation it says C. Make Sure the Guest User has permission to View Skuid pages.

But i get this error when I try to do so. Guest user has Skuid license assigned.

Could that be the issue?

@Anna_Wiersema @Rob_Hatch

Guys it’s been almost a week and still cannot figure this out why it’s no longer working. Can anyone please assist me in any way?

Regarding the Permission Set. You will not be able to grant the Defautl Skuid Viewer permission set to the guests user because it has Edit / Delete permission on several objects. (I think on Skuid Feedback ??).

You can clone the permission set and remove the edit and delete permissions and assign this permission set to the guest user.