Best practices on Force.com sites
There are a few best practices that you need to consider while creating and authenticating users with a Force.com site:
- If users interact with private data on the Force.com site, then always use the portal authentication process for tracking the users on the Force.com site. For example, if you are building a private shopping cart, you should use customer portal authentication.
- According to your requirements, try to build a lightweight process in the Force.com site.
- Always use custom objects for guest applications.
- Do not prompt the request for a username and password and do not store that information inside the application.
- Always try to set up the sharing setting as private for the objects that you grant read access to on the Force.com site. From that practice, you can ensure that users can view and edit only the data related to the Force.com site.
- Set the visibility of all list views for certain user groups but do not set the Visible to all users option.
- The...