function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
RalfRalf 

Login to Salesforce: General questions

Hi there,

I've some questions regarding login to salesforce / sforce. Perhaps somebody can throw some light on it?

We want to use WIL to extend salesforce. The WIL will link to ASP.NET pages which came from our internal web server. On those pages we have to display data from some of our databases and also data from salesforce. First question: I think I have to use the sforce API to access the salesforce data from my web page. As I'm already logged in in salesforce, do I have to log in again using the sforce API functions? Or is there another way, perhaps using the session ID from salesforce, which could be passed in the WIL?

Second question: If I want to do it the other way round, creating a 'login page' which logs me in using the sforce API, is it possible to pass credentials to salesforce, so that the user doesn't need to log in again?

 

If those are really trivial questions, I'd be glad if somebody could point me to the right documents, where I could find answers ;-)

Thx for your help!

Ralf

 

DevAngelDevAngel

Hi Ralf,

For the first part of your inquiry, there are actually 2 things you need to prevent you asp pages from requiring a username and password to login through the API.  First as you mentioned you will need to pass the session id in the wil url.  You can use the session id to intialize the headerStruct for your SOAP calls.  The second thing you need can't be included in the wil url.  You will also need the instance server at which to make your API calls.   Recall that the login api returns, among other things, the session id and a server url.  Both are needed to go beyond the login.

Since you are using asp, you can parse this out of the referrer url.  The login url is always http(s)://www.salesforce.com/servlet/servlet.SoapApi.  A typical server url returned from the login call is http(s)://na1-api.salesforce.com/servlet/servlet.SoapApi.  So all that you are really interested in is the na1-api portion of the server name and whether or not it is using ssl (https).  Once you parse this info out of the referrer url and build the correct url, you can set your SOAP client to use this new url as the endpoint set the headerStruct.sessionID value and away you go.

For the second part of your question, use a syntax for the url like this:

http://www.salesforce.com/secur/frontdoor.jsp?sid=[SESSIONID]&retURL=$2F[TARGETURL]

The [SESSIONID] is (obviously ) the session id from the wil.  The [TARGETURL] is the id of the object that you want to view.  So, if the will is on an account object and you are viewing the account with the id of 00100000001SZOM the link to avoid logging in will be:

http://www.salesforce.com/secur/frontdoor.jsp?sid=gTCc9oqb_C3sxggVlhL&retURL=$2F00100000001SZOM

Cheers.

 

anagramanagram
Hello-
I have a salesforce application that logs in, gets a sessionID, creates a new item, and then uses login.jsp with startURL=xxx to direct the user's browser to the new item. Works great.

It seems to make sense to change it to use the frontdoor.jsp method so it reuses the existing sessionID, but I can't seem to get it to work. I always get a "Page Not Found" error page. I've tried tweaking what little there is to tweak, including changing $2F to %2F (a misprint in the original response maybe). I know I have a valid start URL since the same object ID works with the login.jsp method.

Example url generated by my application (sessionID is shortened for readability):
https://www.salesforce.com/secur/frontdoor.jsp?sid=Uql2iH_QaZgVlhL&retURL=%2F00330000001oFfJ

Anything else I could be missing? Subtle differences between the login.jsp and frontdoor.jsp methods?

Thanks,
Nicholas
DevAngelDevAngel

Hi anagram,

You need to use this syntax:

 

https://<server>.salesforce.com/secur/frontdoor.jsp?sid=<session_id>&retURL=<deep_link_url>

WHERE:

<server> is either "ssl", "na1", "emea" or "ap"

<session_id> is the session id token returned from the API login call

AND

<deep_link_url> is a relative URL within salesforce.com where you want to go after authentication. This is an optional parameter and if omitted, the user will be taken to the home tab page. An example of a value for this parameter would be "/001/o" for the account overview page.

anagramanagram
Hi Dave-
Thanks for the follow-up. Your hint about the different server names got me going in the right direction. I can now get it to work out, but have a further question. I think I'm missing something very basic.

How do I know which server name to use? I have a test account on the na1 org and na1.salesforce.com worked as the server name, of course. I tried another test account on the na0 org and na0.salesforce.com did not work. By trial and error I found that ssl.salesforce.com works for that account. ssl.salesforce.com does not work on the na1 account, however.

Is there a general rule to determine which server name is used given the user's endpoint URL or other info?

Thanks again,
Nicholas
DevAngelDevAngel

Hi anagram,

As a matter of fact there is a specific rule about the server to use.  When you login using the api, you get a serverURL along with the sessionID.  This is the url you are to use for any additional calls via the API and is also the server that you would use for your frontdoor link.

anagramanagram
Thanks again, Dave. I've got it working now. I didn't realize you are supposed to take the entire server name from the serverURL. Previous postings had implied that it could only be one of a few things.

To recap for anyone else out there... To re-use an existing session ID to open a browser window for an item within salesforce:

https:///secur/frontdoor.jsp?sid=&retURL=

Where is the server name part of the serverURL returned at login, e.g.:
serverURL: https://na1-api.salesforce.com/servlet/servlet.Api
na1-api.salesforce.com

is the sessionID returned at login

is the URL within salesforce to go to. Mouse over links in salesforce to figure this out. Often it is just a / + the ID of the object. See:
http://forums.sforce.com/sforce/board/message?board.id=general_development&message.id=46
for more information.

Dave, please correct me if I have something wrong.

Thanks,
Nicholas
anagramanagram
[Re-post to correct formatting problems]
Thanks again, Dave. I've got it working now. I didn't realize you are supposed to take the entire server name from the serverURL. Previous postings had implied that it could only be one of a few things.

To recap for anyone else out there... To re-use an existing session ID to open a browser window for an item within salesforce:

https://[[servername]]/secur/frontdoor.jsp?sid=[[sessid]]&retURL=[[starturl]]

Where [[servername]] is the server name part of the serverURL returned at login, e.g.:
serverURL: https://na1-api.salesforce.com/servlet/servlet.Api
[[servername]]: na1-api.salesforce.com

[[sessid]] is the sessionID returned at login

[[starturl]] is the URL within salesforce to go to. Mouse over links in salesforce to figure this out. Often it is just a / + the ID of the object. See:
http://forums.sforce.com/sforce/board/message?board.id=general_development&message.id=46
for more information.

Dave, please correct me if I have something wrong.

Thanks,
Nicholas
DevAngelDevAngel

Hi anagram,

No, it looks like you have it correct.  Really, the important piece of the server name is the na1 or na0 or which is the actual server address.  The salesforce and com or domain names.  Other than that you provide a clear spec for using the frontdoor.jsp feature.

Cheers!

Nick @ AKCSLNick @ AKCSL

Sorry to add to this really old thread, but it was the most relevant I could find.

I'm using the API to query and display SF data in a page on an internal website.

I can login and get the data (i.e. Contacts) without a problem. I create a hyperlink using the session URL, sessionid and the contact id to link directly to the contact on SalesForce.

The problem is that the link will work when opened in a new window, but if I try to open it in a frame (in this case called "right") it displays the SF login page and gives the following error :

"You have attempted to access a page that requires a salesforce.com login. If you are already a user of the system, please login below.You have attempted to access a page that requires a salesforce.com login. If you are already a user of the system, please login below." 

As I say it works perfectly if the link is opened in a new window.

This is the code I'm using to create the page. Just clicking on the link causes the hyperlink to be opened in the frame called "right" (i.e. h.Target = "right") giving the problem , right clicking the hyperlink and opening it in a new window works as you would expect.

 

private void Table1_Load(object sender, System.EventArgs e)

{

//Get the bound server and sessionID for use in the hyperlink

string apiUrl = binding.Url.Substring(0, binding.Url.IndexOf("/services"));

string apiSession = binding.SessionHeaderValue.sessionId;

Table1.Rows.Clear();

sforce.QueryResult qr = binding.query("Select FirstName, LastName, Id From Contact Where OwnerId = '" + Session["userId"].ToString() + "'");

if (qr.size > 0)

{

TableRow hr = new TableRow();

hr.Cells.Add(getNewHeaderCell("First"));

hr.Cells.Add(getNewHeaderCell("Last"));

hr.Cells.Add(getNewHeaderCell("ID"));

Table1.Rows.Add(hr);

Table1.BorderWidth = 1;

for (int i=0;i

{

sforce.Contact contact = (sforce.Contact)qr.records[i];

TableRow tr = new TableRow();

tr.Cells.Add(getNewCell(contact.FirstName));

tr.Cells.Add(getNewCell(contact.LastName));

//Add Contact Cell********************************************

TableCell contactCell = getNewCell(contact.Id);

// Create Hyperlink Web Server control and add to cell

System.Web.UI.WebControls.HyperLink h = new HyperLink();

h.Text = "Link to Contact in Sales Force";

h.NavigateUrl = apiUrl + "/secur/frontdoor.jsp?sid=" + apiSession + "&retURL=../" + contact.Id;

h.Target = "right";

contactCell.Controls.Add(h);

//************************************************************

tr.Cells.Add(contactCell);

Table1.Rows.Add(tr);

}

}

}

Any ideas gratefully received.

cheers

Nick

DevAngelDevAngel

Hi Nick,

I'll check this out this afternoon and try to get an answer.

hfeisthfeist
I'm experiencing the same problem--works ok on its own but when called up in a frame sometimes displays the login page saying I must login first.
Nick @ AKCSLNick @ AKCSL

Hi Dave,

any luck with this one?

I've been looking at it, but can't find a way around it.

Could it be something to do with the secure connection required for the initial loggin?

Cheers

Nick

DevAngelDevAngel

Hi Nick,

Been out of town.  I will take a look tomorrow.

Cheers.

DevAngelDevAngel

Hi Nick,

I think the problem has to do with cookies.  FrontDoor.jsp needs to set a cookie for the site and cannot do it when the page is in a frame on a page on another site.  Notice that when you go ahead and login in the frame, the frameset will be replaced by the salesforce.com application.

Nick @ AKCSLNick @ AKCSL

Hi Dave,

It definitely seems to be cookie related.

By setting the browser to always accept cookies from salesforce.com, the page always seems to display in the frame without the logon page.

This setting (I guess) needs to be set manually in each users browser.

I don't know if it could be set on the IIS server , or somehow captured/set in the code, but this is maybe disallowed for security reasons.

Perhaps someone with knowledge of browsers/cookies/IIS would have an answer?

( BTW I'm using ASP.NET C# to create a web user control (not a page) which displays SF cases in an iFrame.)

Cheers

Nick

ravindimantha.ax108ravindimantha.ax108

Hello!

Sorry for the delay... we faced the same problem as described.

The solution was to Enable cookies on the browser, i.e. Tools -> Internet Options -> Privacy -> Advanced

And tick the 'Override automatic cookie handling' and select 'Accept'

It worked for us. Hope this solves your problem.

Regards

Ravin

 

SimplySfdcSimplySfdc

Hi,

Anyone here have a better solution for this issue. I get this issue and do not know how to fix it.

sq

DevAngelDevAngel
Hi sq,
 
This thread is so old and long, I'm not sure what the issue was or if a solution was found.  Would mind starting a new thread and restating the issue?  You can, of course, create a link to the old thread for convenience.