function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
simonjpalmersimonjpalmer 

Login error from remote app

I am logging in from a Flex app using the Flex/Air toolkit.  Last week I was getting a security sandbox violation and I have changed my endpoint to refer to a new place and now I am getting the following...

<soapenv:Fault>
<faultcode>
sf:INVALID_LOGIN
</faultcode>
<faultstring>
INVALID_LOGIN: Invalid username, password, security token; or user locked out.
</faultstring>
<detail>
<sf:LoginFault xsi:type="sf:LoginFault">
<sf:exceptionCode>
INVALID_LOGIN
</sf:exceptionCode>
<sf:exceptionMessage>
Invalid username, password, security token; or user locked out.
</sf:exceptionMessage>
</sf:LoginFault>
</detail>
</soapenv:Fault>

I have done all the obvious things like checking password and security token, but I cannot get in from my app - and neither can any of my users.

Anyone have any ideas?
simonjpalmersimonjpalmer
One more piece of information, I can log in from the salesforce.com Apex Explorer 8 application using the same credentials, so I am not locked out.
HarmpieHarmpie
Have you updated the wsdl?
simonjpalmersimonjpalmer
Short answer, No.  In fact I never touch the salesforce.com wsdl as it is (presumably) wrapped up inside the Flex toolkit.

What I did do is make sure that I have the latest version of that toolkit.
HarmpieHarmpie
Since I have no experience with the flex toolkit, I was just taking a shot. Sorry it didn't help.
simonjpalmersimonjpalmer
Thanks for the thought
SuperfellSuperfell
API Login requests must goto www.salesforce.com, if you know your specific instance (na2.salesforce.com etc), then you can send your login request there, but that'll only work for your login, so won't work for tools used by lots of different users.

What happens when you have your flex app send its request to www.salesforce.com ?
simonjpalmersimonjpalmer
channel security error...

Api Server name = www.salesforce.com
_internalServerUrl = https://www.salesforce.com/services/Soap/u/13.0
set serverUrl: skip the policy file for sandboxType:remote and server:www.salesforce.com
login with creds
loading the policy file: https://www.salesforce.com/services/crossdomain.xml
Your application must be running on a https server in order to use https to communicate with salesforce.com!
invoke login
intServerUrl is null
intServerUrl = https://www.salesforce.com/services/Soap/u/13.0
_invoke login
'752A96A9-C437-A22F-AAC0-1FE3DB157CA5' producer set destination to 'DefaultHTTPS'.
Method name is: login
'direct_http_channel' channel endpoint set to http://localhost/pm_server/pm/
'752A96A9-C437-A22F-AAC0-1FE3DB157CA5' producer sending message '9C77D321-52B6-46A2-C53C-1FE3DB152E56'
'direct_http_channel' channel sending message:
(mx.messaging.messages::HTTPRequestMessage)#0
  body = "<se:Envelope xmlns:se="http://schemas.xmlsoap.org/soap/envelope/"><se:Header xmlns:sfns="urn:partner.soap.sforce.com"/><se:Body><login xmlns="urn:partner.soap.sforce.com" xmlns:ns1="sobject.partner.soap.sforce.com"><username>simon.palmer@dialectyx.com</username><password>***</password></login></se:Body></se:Envelope>"
  clientId = (null)
  contentType = "text/xml; charset=UTF-8"
  destination = "DefaultHTTPS"
  headers = (Object)#1
  httpHeaders = (Object)#2
    Accept = "text/xml"
    SOAPAction = """"
    X-Salesforce-No-500-SC = "true"
  messageId = "9C77D321-52B6-46A2-C53C-1FE3DB152E56"
  method = "POST"
  recordHeaders = false
  timestamp = 0
  timeToLive = 0
  url = "https://www.salesforce.com/services/Soap/u/13.0"
'752A96A9-C437-A22F-AAC0-1FE3DB157CA5' producer connected.
Method name is: login
Warning: Ignoring invalid <allow-access-from> tag for domain 'http://www3.stream.co.jp' in policy file at https://www.salesforce.com/crossdomain.xml

Warning: Ignoring invalid <allow-access-from> tag for domain 'http://salesforce.sitestream.com' in policy file at https://www.salesforce.com/crossdomain.xml

Error: Ignoring policy file at https://www.salesforce.com/crossdomain.xml due to meta-policy 'by-content-type'.

Error: Ignoring policy file at https://www.salesforce.com/services/crossdomain.xml due to meta-policy 'by-content-type'.

*** Security Sandbox Violation ***
Connection to https://www.salesforce.com/services/Soap/u/13.0 halted - not permitted from https://localhost/pm_server/pm/pm-debug.swf
'752A96A9-C437-A22F-AAC0-1FE3DB157CA5' producer acknowledge of '9C77D321-52B6-46A2-C53C-1FE3DB152E56'.
'752A96A9-C437-A22F-AAC0-1FE3DB157CA5' producer fault for '9C77D321-52B6-46A2-C53C-1FE3DB152E56'.
Comunication Error : Channel.Security.Error : Security error accessing url : Destination: DefaultHTTPS
Error: Request for resource at https://www.salesforce.com/services/Soap/u/13.0 by requestor from https://localhost/pm_server/pm/pm-debug.swf is denied due to lack of policy file permissions.
simonjpalmersimonjpalmer
I've been speaking to Ron Hess and Dave Carroll at salesforce and there appears to be a bug.
SuperfellSuperfell
from the log you posted it appears that the /services/crossdomain.xml policy file is being served with the wrong content-type from www.salesforce.com, i thought that had been fixed, i'll chase down what's going on with it today. Sorry for the ongoing troubles.
SuperfellSuperfell
We just deployed a fix to www.salesforce.com to address the policy loading problems, sorry its taken so long to resolve this one. Please let me know if you're still having problems or not.
simonjpalmersimonjpalmer
Thanks for the update, it does indeed appear to be fixed because I can successfully connect via www using the furryhappymonsters site.

I blogged about this issue here...

http://simonpalmer.com/testing-salesforcecom-remote-connection/

I'll post an update saying it has been resolved in case anyone follows that trail.