You need to sign in to do that
Don't have an account?
vfDeveloper.ax341
INVALID_SESSION_ID after winter9 release
I faced INVALID_SESSION_ID exception calling getUserInfo() of SalesforceAppExPartnerAPI.SforceService from my .net web service.
my code:
Code:
SalesforceAppExPartnerAPI.GetUserInfoResult userInfoResult = Binding.getUserInfo();
Binding is property where _authHeader.EXTSessionID and _authHeader.EXTServerLocation are values passed to web service from salesforce portal.
_autHeader.ExtSessionID value retrieved via apex code : UserInfo.getSessionId() and _authHeader.ExtServerLocation is
https://na6-api.salesforce.com/services/Soap/u/12.0/511500D80000000Kb2v
Code:
private SalesforceAppExPartnerAPI.SforceService Binding {
get {
try {
// binding
SalesforceAppExPartnerAPI.SforceService binding = new SalesforceAppExPartnerAPI.SforceService();
// by setting these values, we are essentially logged in to the API as this user
binding.SessionHeaderValue = new SalesforceAppExPartnerAPI.SessionHeader();
binding.SessionHeaderValue.sessionId = _authHeader.EXTSessionID;
binding.Url = _authHeader.EXTServerLocation;
return binding;
} catch (System.Web.Services.Protocols.SoapException exsoap) {
if (exsoap.Code.ToString().Contains("API_DISABLED_FOR_ORG")) {
throw new EXTAPIAuthFail("This edition of salesforce.com does not provide API access."
+ "API access is a standard feature of Enterprise "
+ "and Unlimited Editions.<br>"
+ "Certify your application to gain API access to "
+ "Professional Edition as well.<br><br>", exsoap);
} else {
throw new EXTAPIAuthFail("SoapException: Unable to validate incoming web call.", exsoap);
}
} catch (System.UriFormatException uriEx) {
throw new EXTAPIAuthFail("The Server URL is invalid. " + uriEx.Message, uriEx);
} catch (Exception e) {
throw new EXTAPIAuthFail("Unable to connect to the API. " + e.Message, e);
}
} else {
return _binding;
}
}
}
Exception Stack trace:
Code:
{System.Web.Services.Protocols.SoapException: INVALID_SESSION_ID: Invalid Session ID found in SessionHeader: Illegal Session
at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at Mindflash.SalesforceAppExPartnerAPI.SforceService.getUserInfo()
It works fine before salesforce introduced winter9 release and version 14.0 API.
my code:
Code:
SalesforceAppExPartnerAPI.GetUserInfoResult userInfoResult = Binding.getUserInfo();
Binding is property where _authHeader.EXTSessionID and _authHeader.EXTServerLocation are values passed to web service from salesforce portal.
_autHeader.ExtSessionID value retrieved via apex code : UserInfo.getSessionId() and _authHeader.ExtServerLocation is
https://na6-api.salesforce.com/services/Soap/u/12.0/511500D80000000Kb2v
Code:
private SalesforceAppExPartnerAPI.SforceService Binding {
get {
try {
// binding
SalesforceAppExPartnerAPI.SforceService binding = new SalesforceAppExPartnerAPI.SforceService();
// by setting these values, we are essentially logged in to the API as this user
binding.SessionHeaderValue = new SalesforceAppExPartnerAPI.SessionHeader();
binding.SessionHeaderValue.sessionId = _authHeader.EXTSessionID;
binding.Url = _authHeader.EXTServerLocation;
return binding;
} catch (System.Web.Services.Protocols.SoapException exsoap) {
if (exsoap.Code.ToString().Contains("API_DISABLED_FOR_ORG")) {
throw new EXTAPIAuthFail("This edition of salesforce.com does not provide API access."
+ "API access is a standard feature of Enterprise "
+ "and Unlimited Editions.<br>"
+ "Certify your application to gain API access to "
+ "Professional Edition as well.<br><br>", exsoap);
} else {
throw new EXTAPIAuthFail("SoapException: Unable to validate incoming web call.", exsoap);
}
} catch (System.UriFormatException uriEx) {
throw new EXTAPIAuthFail("The Server URL is invalid. " + uriEx.Message, uriEx);
} catch (Exception e) {
throw new EXTAPIAuthFail("Unable to connect to the API. " + e.Message, e);
}
} else {
return _binding;
}
}
}
Exception Stack trace:
Code:
{System.Web.Services.Protocols.SoapException: INVALID_SESSION_ID: Invalid Session ID found in SessionHeader: Illegal Session
at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at Mindflash.SalesforceAppExPartnerAPI.SforceService.getUserInfo()
It works fine before salesforce introduced winter9 release and version 14.0 API.
Glad to know it's not just me. However, in our case it seems only to affect VisualForce pages:
http://community.salesforce.com/sforce/board/message?board.id=Visualforce&thread.id=5907
We're having the same problem with invalid session ID. In our case, we call a PHP application, passing it the session ID.
I looked at the session ID in a debugger and it's HUGE:
sid=472500D5000000078hG%21AQgAQLiXsGYqcSlSNF6v1FA4Qzg0Zx8Qi1ZSEDbu3UTH_a9Gjv70oWIaK2KCoj1qdbWkeo_NCMh0gMYwimcebk7csreFLa7a
I think all those bytes after the 18th byte are what's causing me grief. Tried to mod the app to only look at the first 18-bytes, but that hasn't worked. Still hackin' away at a fix.
No, in my case, I evoke a PHP application, passing it the ID of a custom object (RMA__c), the session ID, and the Partner Server URL info. This is the code under the detail page button:
So I can see the Session ID value that is being passed, and that's how I can see it is so long:
I've opened a case with Support.
That's certainly plausible -- I honestly don't recall what this value looked like before Winter '09. The sid value just looked unusually long compared to other ID values I see regularly.
I haven't been able to resolve this by truncating the value I send to the PHP app, so you're probably right.
Yes we are. We get the session Id in the controller, using UserInfo.getSessionId(). And the problem (at least for us) seems to be specifically on the session Id we get from VisualForce. We also get the session Id in custom field formulas, and this session Id seems to be just fine.
to
<namespace>.<server>.visual.force.com
xyz.na4.visual.force.com
Message Edited by dkleb on 10-17-2008 12:21 PM