How do I create a custom portal login page? - Answers - Salesforce Trailblazer Community
Trailblazer Community
Ask Search:
Phil WilshawPhil Wilshaw 

How do I create a custom portal login page?

===================== The Problem ==============================
I've successfully created a salesforce customer portal, which can be logged into using the Login URL (Portal Details) with pre-created users.  I would like to customise the login page to a greater degree and have created a Site for this purpose but get errors after clicking on the 'Login' button when testing it in my Sandbox environment.
I've tested using the generated login page (SiteLogin) but the same errors are displayed when the Login button is clicked.  I've also read the notes in the Site Implementation Guide, where it mentions "Only production organizations have the valid SSL certificates to access sites using HTTPS", but the page can be logged into with the default portal address so I'm not convinced this is the issue.
In the login method, of ContactPortalLoginPageController, I also tested entering the Login URL rather than 'null' but had the same results.
===================== ErrorMessages  ==============================
Internet Explorer:
"There is a problem with this website's security certificate. 
The security certificate presented by this website was issued for a different website's address.
Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server."
"This Connection is Untrusted
You have asked Firefox to connect securely to, but we can't confirm that your connection is secure.
Normally, when you try to connect securely, sites will present trusted identification to prove that you are
going to the right place. However, this site's identity can't be verified."
Google Chrome:
"This is probably not the site you are looking for!
You attempted to reach, but instead you actually reached a server identifying itself as * This may be caused by a misconfiguration on the server or by something more serious. An attacker on your network could be trying to get you to visit a fake (and potentially harmful) version of"
===================== Portal Details  ==============================
Name: Online Contract Portal
Loggin Enabled: Y
PortalID: 060P0000000D0mA
Login URL:
The users attempting to login are of profiles listed in the Assigned Profiles section.
===================== Site Details  ==============================
Default Web Address:
Secure Web Address:
Active: checked
Active Site Home Page: ContactPortalLoginPage 
Login Settings:
Login: Enabled for Online Contract Portal
Require Non-Secure Connectionts (HTTP): N
The visualforce pages used for the login page is listed in the Site Visualforce Pages section but the pages used for the Customer Portal are not.
===================== Session Settings  ==============================
Lock sessions to the IP address from which they originated: N
Required secure connections (HTTPS): Y
Force reklogin after Login-As-User: N
Require HttpOnly attribute: N
Enable caching and autocomplete on login page: N
Enable SMS-based identity confirmation: N
Enable clickjack protection for non-setup Salesforce pages: N
Enable clickjack protection for non-setup customer Visualforce pages: N
===================== ContactPortalLoginPage  ==============================
<apex:page id="page" showHeader="false" sidebar="false" controller="ContactPortalLoginPageController" >
    <apex:stylesheet value="{!If((ieBrowser == false),$Resource.ContactPortalCSS_NonIE,If((iePre8 == true),$Resource.ContactPortalCSS_IEPre8,$Resource.ContactPortalCSS_IE8Plus))}"/>
<apex:form id="form" forceSSL="true">
<br/><br/><center><p>Welcome to the Editorial CCMS Customer Portal</p></center><br/>
<apex:pageMessages id="pmMsgs"/><br/>
<apex:outputPanel layout="block">
<apex:panelGrid columns="2" style="margin-top:1em; margin-left:42.5%">
<apex:outputlabel value="{!$}" for="username"/>
<apex:inputText id="username" value="{!username}"/>
<apex:outputlabel value="{!$}" for="password"/>
<apex:inputSecret id="password" value="{!password}"/>
<center><apex:commandButton action="{!login}" value="{!$}" id="loginButton"/></center>
===================== ContactPortalLoginPageController  ==============================
public with sharing class ContactPortalLoginPageController
public String username {get; set;}
public String password {get; set;}
// Page variables
public boolean ieBrowser {get; set;}
public boolean iePre8 {get; set;}
public ContactPortalLoginPageController ()
// Setting up browser-based variables
String[] tempStringList = ApexPages.currentPage().getHeaders().get('USER-AGENT').split(' ');
    Integer num = -1;
    iePre8 = false;
    for (integer i = 0; i < tempStringList.size(); i++)
    if (tempStringList.get(i) == 'MSIE')
    num = i+1;
    ieBrowser = (num != -1);
if (ieBrowser)
tempStringList = tempStringList.get(num).split(';');
iePre8 = (Integer.valueof(tempStringList.get(0)) < 8);
     * @create date 31/08/2012
    * @description Login method
public PageReference login()
   return Site.login(username, password, null);
Kevin FennellyKevin Fennelly
I'm also struggling with this issue. Does anyone know if the Certificate and Key Management console will assist with this issue?