SlideShare a Scribd company logo

Dave Carroll Application Services Salesforce

D
deimos

The document discusses enterprise grade business application services provided through the Force.com platform as a service (PaaS). It provides an overview of Force.com's capabilities including building any type of business application, flexibility to integrate with other systems, security, and trust due to many customers and developers using the platform. Key aspects of Force.com covered include the multi-tenant architecture, APIs for development, and security options like single sign-on and two-factor authentication.

Related slideshows

Egl Rui Ajax World
Egl Rui Ajax WorldEgl Rui Ajax World
Egl Rui Ajax World
 
Cloud Computing2
Cloud Computing2Cloud Computing2
Cloud Computing2
 
Roadmap For Fusion Middleware Application Server Infrastructure
Roadmap For Fusion Middleware Application Server InfrastructureRoadmap For Fusion Middleware Application Server Infrastructure
Roadmap For Fusion Middleware Application Server Infrastructure
 
1 of 26
Download to read offline
Enterprise Grade Business Application Services on the Web
Safe Harbor Safe harbor statement under the Private Securities Litigation Reform Act of 1995: This presentation may contain forward-looking statements that involve risks, uncertainties, and assumptions. If any such uncertainties materialize or if any of the assumptions proves incorrect, the results of salesforce.com, inc. could differ materially from the results expressed or implied by the forward-looking statements we make. All statements other than statements of historical fact could be deemed forward-looking, including any projections of subscriber growth, earnings, revenues, or other financial items and any statements regarding strategies or plans of management for future operations, statements of belief, any statements concerning new, planned, or upgraded services or technology developments and customer contracts or use of our services. The risks and uncertainties referred to above include – but are not limited to – risks associated with developing and delivering new functionality for our service, our new business model, our past operating losses, possible fluctuations in our operating results and rate of growth, interruptions or delays in our Web hosting, breach of our security measures, the immature market in which we operate, our relatively limited operating history, our ability to expand, retain, and motivate our employees and manage our growth, new releases of our service and successful customer deployment, and utilization and selling to larger enterprise customers. Further information on potential factors that could affect the financial results of salesforce.com, inc. is included in our quarterly report on Form 10-Q filed on August 19, 2005 and in other filings with the Securities and Exchange Commission. These documents are available on the SEC Filings section of the Investor Information section of our Web site. Any unreleased services or features referenced in this or other press releases or public statements are not currently available and may not be delivered on time or at all. Customers who purchase our services should make the purchase decisions based upon features that are currently available. Salesforce.com, inc. assumes no obligation and does not intend to update these forward-looking statements.
Platform as a Service SaaS platform - From Wikipedia, the free encyclopedia A SaaS Platform is a computer program or collection of more than one computer program that acts as a host to applications that reside on it. The platform manages underlying computer hardware and software resources and uses those resources to endow its hosted applications with multi-tenant, on-demand capabilities that are found in Software as a service applications. Generally, hosted applications are written to target the platform and support a single user. The platform absorbs the responsibility of distributing the application as a service to multiple users over the Internet. The SaaS Platform can be considered a layer of abstraction above the traditional application server, creating a computing platform that parallels the value offered by the traditional operating system, only in a web-centric fashion. The SaaS platform is rooted in the need to reduce the time and difficulty associated with developing highly available, enterprise grade business applications that are to be delivered on-demand.
The big questions for PaaS Can I integrate to and from the cloud? Do I have the flexibility to build any business application? Do I have to install and maintain hardware? Is my application and data secure? Can I trust this platform? Do other people use and trust this platform?
Force.com Introduction Full service Platform Building any Business Application Use some or all of the platform stack Salesforce.com is run on Force.com – > 38,000 Customers – > 1,000,000 users – > 65,000 Developers – ~ 1.6 billion transactions a day – 24th edition of the service
“Classic” SaaS Application
Mobilized SaaS
Rich Internet & SaaS
“Flashy” SaaS <apex:inputField />
SaaS Development
Application Services on Force.com Salesforce.com SaaS Offerings Community / Ecosystem Visual Force (MVC UI) Apex Code Web Services APIs Schema Services Data Center
Multi-tenancy - The Heart of the Matter Single low level schema Integration Custom UI Mobile Abstraction Layer – Data schemas Composite Classic UI SCC – Workflow and Logic Metadata Abstraction Layer – User interface API - WSDL Gen Data Schema – Describable as metadata Interface Definitions Logic / Workflow Enables Security & Sharing Language Support – Integration Svcs – UI Svcs – Mobile Svcs Oracle Database / PLSQL – Security Svcs
Web Service API Use Cases ERP to Force.com integration – Account master, data replication SAP – Java or .NET Portal to Force.com integration – Job openings, lead generation – PHP or Perl or Java or .NET Desktop to Force.com integration – Mail client, offline client – Java or Adobe AIR (Actionscript) or .NET Web client to Force.com integration – Custom UI, Conference Management, PTO Calendar – Javascript or Flex (Actionscript)
API Challenges Make it easy – Key to adoption is ease of use Security – Only one non-authenticated call - Login – Inherits security configuration of web-based application (user roles, field level security, IP range restrictions etc) Account for large data sets – Batch or set based architecture – Cursor functionality for querying Be consistent behaviorally – Versioned endpoints (we have 13 API versions) – Additive version functionality Transactions? – Reliable transactions in SOAP?
Ease of Use - A general API for any application Basic API - 2 flavors – Strongly Typed (will have a LOT of nouns) – Polymorphic (very few nouns, independent of data schema) Apex API – Used to programmatically create/update Apex code. Metadata API – Retrieve, update and create XML metadata representations Basic API Core methods Metadata methods Utility convertLead query describeGlobal getServerTimestamp create queryAll describeLayout getUserInfo queryMore describeSObject resetPassword delete retrieve describeSObjects sendEmail emptyRecycleBin search describeSoftphoneLayout setPassword getDeleted undelete describeTabs getUpdated login update merge upsert process
Obtaining Data Using the API Use familiar query language - SOQL QueryResult qr = binding.query( quot;select FirstName, LastName from contact where PostalCode = '94062'” ); Information returned includes: – number of matches – the data – a cursor – a flag indicating all results were fetched (or not) Results limited to 2000 records per request, so use “cursor” returned from request to get more. qr = binding.queryMore(qr.getQueryLocator());
Security Options INVALID_LOGIN: Invalid username, password, security token. sun.reflect.NativeConstructorAccessorImpl.newInstance0 sun.reflect.NativeConstructorAccessorImpl.newInstance VPN Access - IP Range Restrictions Delegated Authentication - SSO – LDAP, Active Directory, Netware – Webservice based – Simple configuration – Partner solutions from SXIP and Ping Identity Two-factor authentication – Not RSA – Used for browser and integration clients
Built-in 2-factor authentication username + password + token access granted or denied User SSO Delegated Authorization Process username + password authentication request (via SOAP call) username + password authentication response access granted or denied (thumbs up or down) User Corporate Server (In DMZ)
Tokenized Single Sign-On Process 1. The desktop client sends a login request to the desktop client proxy as a SOAP message package. 2. The desktop client proxy extracts the username and password and sends them to the token generator. 3. The token generator validates the credentials and replies to the desktop client proxy with a single- QuickTime™ and a use token. TIFF (Uncompressed) decompressor 4. The desktop client proxy modifies are needed to see this picture. the SOAP message package by replacing the corporate password in the login request with the token and sends a secure login call to Salesforce. 5. Salesforce sends a request to the authentication proxy to validate the token. 6. The authentication proxy replies to Salesforce. 7. Salesforce replies to the desktop client proxy. 8. The desktop client proxy passes the response back to the desktop client, authenticating the user.
Apex Code - Really Programming the Cloud Apex Code is: – Discrete code that runs natively on the server – Faster than the equivalent API integration counterpart – 3gl language with Java-like or C#-like syntax – Scoped like stored procedures – Compiled at the server and strongly typed – Transactional
Creating Custom Web Services Uses for custom web services – pre-process results at the server – aggregate data – reformat for client applications (like JSON) – need for transaction support Deployment of web services – Instant deployment – Still requires authentication – Instant undeployment
Apex Code Demo
Custom Web Service Demo public static AccountSummary getAccountSummary(String acctId) { AccountSummary acctSum = new AccountSummary(); acctSum.account = [Select Id, Name, BillingCity, BillingCountry From Account Where Id = :acctId]; for (Opportunity opp : [Select Id, Amount From Opportunity Where AccountId = :acctId]) { acctSum.opptyTotal += opp.Amount == null ? 0 : opp.Amount; } ... } Retrieve specific account data Get related opportunities and sum the amount field. Get the number of related contact records Pull the actual related contact records Return the “wrapper” class to the client
Calling the new Web Service Use WSDL to generate client Use AJAX or Flex toolkit directly private function getAccountSummary():void { apex.execute( quot;webServicesquot;, quot;getAccountSummaryquot;, [ new Parameter(quot;acctIdquot;, cboAccts.selectedItem.Id) ], new AsyncResponder(handleAcctSummary, handleFault) ); }
Other Services of Interest Database Services – backup/restore, data integrity, scale, performance UI Services – layout generation, MVC based, validations, complex UI support Logic Services – workflow and approval processes Development Services – team collaboration, ALM, source control, testing
Learn More about Force.com PaaS Force.com Developer Network http://developer.salesforce.com

More Related Content

Dave Carroll Application Services Salesforce

  • 2. Safe Harbor Safe harbor statement under the Private Securities Litigation Reform Act of 1995: This presentation may contain forward-looking statements that involve risks, uncertainties, and assumptions. If any such uncertainties materialize or if any of the assumptions proves incorrect, the results of salesforce.com, inc. could differ materially from the results expressed or implied by the forward-looking statements we make. All statements other than statements of historical fact could be deemed forward-looking, including any projections of subscriber growth, earnings, revenues, or other financial items and any statements regarding strategies or plans of management for future operations, statements of belief, any statements concerning new, planned, or upgraded services or technology developments and customer contracts or use of our services. The risks and uncertainties referred to above include – but are not limited to – risks associated with developing and delivering new functionality for our service, our new business model, our past operating losses, possible fluctuations in our operating results and rate of growth, interruptions or delays in our Web hosting, breach of our security measures, the immature market in which we operate, our relatively limited operating history, our ability to expand, retain, and motivate our employees and manage our growth, new releases of our service and successful customer deployment, and utilization and selling to larger enterprise customers. Further information on potential factors that could affect the financial results of salesforce.com, inc. is included in our quarterly report on Form 10-Q filed on August 19, 2005 and in other filings with the Securities and Exchange Commission. These documents are available on the SEC Filings section of the Investor Information section of our Web site. Any unreleased services or features referenced in this or other press releases or public statements are not currently available and may not be delivered on time or at all. Customers who purchase our services should make the purchase decisions based upon features that are currently available. Salesforce.com, inc. assumes no obligation and does not intend to update these forward-looking statements.
  • 3. Platform as a Service SaaS platform - From Wikipedia, the free encyclopedia A SaaS Platform is a computer program or collection of more than one computer program that acts as a host to applications that reside on it. The platform manages underlying computer hardware and software resources and uses those resources to endow its hosted applications with multi-tenant, on-demand capabilities that are found in Software as a service applications. Generally, hosted applications are written to target the platform and support a single user. The platform absorbs the responsibility of distributing the application as a service to multiple users over the Internet. The SaaS Platform can be considered a layer of abstraction above the traditional application server, creating a computing platform that parallels the value offered by the traditional operating system, only in a web-centric fashion. The SaaS platform is rooted in the need to reduce the time and difficulty associated with developing highly available, enterprise grade business applications that are to be delivered on-demand.
  • 4. The big questions for PaaS Can I integrate to and from the cloud? Do I have the flexibility to build any business application? Do I have to install and maintain hardware? Is my application and data secure? Can I trust this platform? Do other people use and trust this platform?
  • 5. Force.com Introduction Full service Platform Building any Business Application Use some or all of the platform stack Salesforce.com is run on Force.com – > 38,000 Customers – > 1,000,000 users – > 65,000 Developers – ~ 1.6 billion transactions a day – 24th edition of the service
  • 11. Application Services on Force.com Salesforce.com SaaS Offerings Community / Ecosystem Visual Force (MVC UI) Apex Code Web Services APIs Schema Services Data Center
  • 12. Multi-tenancy - The Heart of the Matter Single low level schema Integration Custom UI Mobile Abstraction Layer – Data schemas Composite Classic UI SCC – Workflow and Logic Metadata Abstraction Layer – User interface API - WSDL Gen Data Schema – Describable as metadata Interface Definitions Logic / Workflow Enables Security & Sharing Language Support – Integration Svcs – UI Svcs – Mobile Svcs Oracle Database / PLSQL – Security Svcs
  • 13. Web Service API Use Cases ERP to Force.com integration – Account master, data replication SAP – Java or .NET Portal to Force.com integration – Job openings, lead generation – PHP or Perl or Java or .NET Desktop to Force.com integration – Mail client, offline client – Java or Adobe AIR (Actionscript) or .NET Web client to Force.com integration – Custom UI, Conference Management, PTO Calendar – Javascript or Flex (Actionscript)
  • 14. API Challenges Make it easy – Key to adoption is ease of use Security – Only one non-authenticated call - Login – Inherits security configuration of web-based application (user roles, field level security, IP range restrictions etc) Account for large data sets – Batch or set based architecture – Cursor functionality for querying Be consistent behaviorally – Versioned endpoints (we have 13 API versions) – Additive version functionality Transactions? – Reliable transactions in SOAP?
  • 15. Ease of Use - A general API for any application Basic API - 2 flavors – Strongly Typed (will have a LOT of nouns) – Polymorphic (very few nouns, independent of data schema) Apex API – Used to programmatically create/update Apex code. Metadata API – Retrieve, update and create XML metadata representations Basic API Core methods Metadata methods Utility convertLead query describeGlobal getServerTimestamp create queryAll describeLayout getUserInfo queryMore describeSObject resetPassword delete retrieve describeSObjects sendEmail emptyRecycleBin search describeSoftphoneLayout setPassword getDeleted undelete describeTabs getUpdated login update merge upsert process
  • 16. Obtaining Data Using the API Use familiar query language - SOQL QueryResult qr = binding.query( quot;select FirstName, LastName from contact where PostalCode = '94062'” ); Information returned includes: – number of matches – the data – a cursor – a flag indicating all results were fetched (or not) Results limited to 2000 records per request, so use “cursor” returned from request to get more. qr = binding.queryMore(qr.getQueryLocator());
  • 17. Security Options INVALID_LOGIN: Invalid username, password, security token. sun.reflect.NativeConstructorAccessorImpl.newInstance0 sun.reflect.NativeConstructorAccessorImpl.newInstance VPN Access - IP Range Restrictions Delegated Authentication - SSO – LDAP, Active Directory, Netware – Webservice based – Simple configuration – Partner solutions from SXIP and Ping Identity Two-factor authentication – Not RSA – Used for browser and integration clients
  • 18. Built-in 2-factor authentication username + password + token access granted or denied User SSO Delegated Authorization Process username + password authentication request (via SOAP call) username + password authentication response access granted or denied (thumbs up or down) User Corporate Server (In DMZ)
  • 19. Tokenized Single Sign-On Process 1. The desktop client sends a login request to the desktop client proxy as a SOAP message package. 2. The desktop client proxy extracts the username and password and sends them to the token generator. 3. The token generator validates the credentials and replies to the desktop client proxy with a single- QuickTime™ and a use token. TIFF (Uncompressed) decompressor 4. The desktop client proxy modifies are needed to see this picture. the SOAP message package by replacing the corporate password in the login request with the token and sends a secure login call to Salesforce. 5. Salesforce sends a request to the authentication proxy to validate the token. 6. The authentication proxy replies to Salesforce. 7. Salesforce replies to the desktop client proxy. 8. The desktop client proxy passes the response back to the desktop client, authenticating the user.
  • 20. Apex Code - Really Programming the Cloud Apex Code is: – Discrete code that runs natively on the server – Faster than the equivalent API integration counterpart – 3gl language with Java-like or C#-like syntax – Scoped like stored procedures – Compiled at the server and strongly typed – Transactional
  • 21. Creating Custom Web Services Uses for custom web services – pre-process results at the server – aggregate data – reformat for client applications (like JSON) – need for transaction support Deployment of web services – Instant deployment – Still requires authentication – Instant undeployment
  • 23. Custom Web Service Demo public static AccountSummary getAccountSummary(String acctId) { AccountSummary acctSum = new AccountSummary(); acctSum.account = [Select Id, Name, BillingCity, BillingCountry From Account Where Id = :acctId]; for (Opportunity opp : [Select Id, Amount From Opportunity Where AccountId = :acctId]) { acctSum.opptyTotal += opp.Amount == null ? 0 : opp.Amount; } ... } Retrieve specific account data Get related opportunities and sum the amount field. Get the number of related contact records Pull the actual related contact records Return the “wrapper” class to the client
  • 24. Calling the new Web Service Use WSDL to generate client Use AJAX or Flex toolkit directly private function getAccountSummary():void { apex.execute( quot;webServicesquot;, quot;getAccountSummaryquot;, [ new Parameter(quot;acctIdquot;, cboAccts.selectedItem.Id) ], new AsyncResponder(handleAcctSummary, handleFault) ); }
  • 25. Other Services of Interest Database Services – backup/restore, data integrity, scale, performance UI Services – layout generation, MVC based, validations, complex UI support Logic Services – workflow and approval processes Development Services – team collaboration, ALM, source control, testing
  • 26. Learn More about Force.com PaaS Force.com Developer Network http://developer.salesforce.com