The subject matter discussed in the background section should not be assumed to be prior art merely as a result of its mention in the background section. Similarly, a problem mentioned in the background section or associated with the subject matter of the background section should not be assumed to have been previously recognized in the prior art. The subject matter in the background section merely represents different approaches, which in and of themselves may also be inventions.
The advent of on-demand service environments has facilitated the development and deployment of third party software and applications for common software platforms, such as enterprise application software platforms. In an on-demand services environment, an enterprise platform for a large number of users provides a number of applications for a variety of uses, such as customer service, order processing, communications, and so on. An enterprise software platform is required to support a number of different entities, such as platform providers, hardware vendors, application developers, end users, consultants, IT (information technology) professionals, and so on. Different developers may produce applications for use by different users and instances of a particular enterprise platform. Such developers often comprise independent software vendors (ISVs) that are companies that specialize in making and selling software for specific enterprise applications. Their software products are often specialized applications and programs that are tailored for specific platforms and improving productivity. Both hardware and software makers often partner with ISVs to encourage and facilitate the development of software applications on their platforms, since generally the more applications that run on a platform, the more value it offers to customers.
Aspects of the package support access system may be incorporated in a multi-tenant database system, such as the salesforce.com service. A multi-tenant architecture allows users or customer organizations (i.e., tenants) to share database resources that are organized as one logical database on one or more central server computer(s), as opposed to maintaining their own locally hosted databases and application programs. The centralized database tables themselves are typically shared and logical structures are employed to ensure differentiation and security among the different tenants. Likewise, the shared application programs can be segregated through access control mechanisms that restrict access and usage to only authorized users or subscribers. A large enterprise platform, such as the Salesforce.com platform may include thousands of developers and platform partners to support hundreds of thousands of end users. The issues of application deployment and maintenance can therefore be quite extensive with regard to customizing, integrating and extending the platform applications to create custom solutions for the users.
For purposes of the current description, the terms “organization,” “client,” “organization resources,” or “client resources” refer to database resources (i.e., data, metadata, programs, and other resources) that are maintained in a central multi-tenant database for access by users who have appropriate access privileges. Such resources are typically maintained in a server and data storage system maintained by a CRM platform provider, as opposed to computers within the actual client businesses themselves.
FIG. 1 is a block diagram illustrating a typical enterprise application network environment with ISVs and end users in present on-demand service systems. The enterprise platform 104 hosts database and application resources for a multitude of different end users 108. The end users 108 in system 100 may be individuals or organizations that use the resources and store data on the enterprise platform server computers. Each end user accesses his or her resources by logging in using established login credentials 110, such as user name and password. The applications 106 may be written and provided by the enterprise platform providers themselves, but more commonly, the applications are written by third party software vendors. Thus, as shown on FIG. 1, one or more ISVs 102 provide applications 106 to be executed on enterprise platform 104. The applications are used by end users 108 who may maintain a customer relationship with both the ISV application maker and the enterprise platform. During the course of normal application development and deployment, many usage problems may arise. Such problems typically require the involvement of ISV and platform administrators or programmers for diagnosis and debugging or patching. In order to provide access for ISVs 102 to support their applications 106 and users 108, the platform administrators must often implement secure temporary access mechanisms. Under present systems, this is typically implemented through the exchange of credentials 112 between the ISV personnel and the platform administrators or between the end users and the ISV. The credentials typically comprise a user name and password that authenticates an ISV to the platform administrator. Depending on the relationship between the ISV and the platform, and/or the amount of support or remedial work required, the exchange of credentials may impose a relatively high degree of administrative overhead. For example, exchanging credentials may require the establishment of new accounts for each service instance, or it may involve the transmission of potentially sensitive information over public communication networks and expose vulnerabilities with respect to spoofing and other hacking methods. Other temporary access methods can include screen sharing techniques in which the ISV views and or assumes control of the end user computer screen through a console portal. This requires a high degree of interaction between the end user and the ISV and also exposes certain security vulnerabilities in the system. Thus, present methods of allowing ISV support for application maintenance in enterprise platform systems that rely on credential exchange or screen sharing present certain disadvantages with respect to processing overhead and system security.
Accordingly, it is desirable to provide techniques enabling efficient testing of multi-tenant database components for different operational modes.