+ Start a Discussion
Andy Freeston_LarterAndy Freeston_Larter 

"no access allowed to this class" error with WebService


I have a flex application that runs in a visualforce page. The application communicates with Salesforce by using queries and WebService SOAP commands.

For a week or so, I have received this error whenever I make a call to an Apex class:


fault.faultstring = MSO_ValueMill_WebService: no access allowed to this class. fault.faultcode = sf:INSUFFICIENT_ACCESS fault.detail = null


MSO_ValueMill_WebService is the name of my Apex class. This class has been working fine and passes its unit tests. I have checked the security settings for the class and have allowed access to all profiles.

Normally the flex application runs in a hosted web browser as part of a visualforce page. It gets its credentials through the flash parameters, like this.


var lr:LoginRequest = new LoginRequest(); lr.callback = new AsyncResponder(LoginSuccess, LoginFailed); lr.session_id = parameters.session_id; lr.server_url = parameters.server_url; _opportunityId = parameters.OppId;



Interestingly, if I change the flex code to use hard-coded credentials then the program runs without the error, even though the credentials are the same as those used to log into the Salesforce web page and the objects being accessed are the same. The working code looks like this:  

lr.username = "someaddress@MyLogin.co.uk"; lr.password = "passwordSession"; _opportunityId = "0068000000RCFOF";



It should also be noted that the system does not write an entry to the debug log.

Can anyone suggest why accessing a WebService class should fail when using the web page session but not when accessing it with a username/password?


Many thanks.



Best Answer chosen by Admin (Salesforce Developers) 
Andy Freeston_LarterAndy Freeston_Larter

I have finally resolved this issue! In trying to produce some test code that I could append to this article I found that simply recreating the visualforce page fixed the problem.


I created a duplicate flash project, apex class, and visual force page with the same security settings at my original files. These all worked fine. I then changed the test visualforce page to use my original flash component. Again, this worked fine (and eliminated the flash as the cause of the problem).

I changed the original visualforce page to use my test flash component. The page continued to fail with the same security error as before. This showed me that the page was at fault, even though the content was now identical to the test page. I confirmed that the security settings on the pages were the same. (I had enabled all profiles for both pages). Finally, I deleted my original visualforce page, created a new page with the same name, pasted in the original code and set the security settings again. This then started working.


My guess is that the security settings that were being displayed for the visualforce page had somehow become different to those being used to actually secure the page. I’m not sure if this is possible in the guts of the Force.com processing engine.


This isn’t the first time that deleting a file and re-creating it has solved a problem, however it is the first time for a visualforce page.