You need to sign in to do that
Don't have an account?
![simonjpalmer simonjpalmer](https://dfc-org-production.my.site.com/img/userprofile/default_profile_45_v2.png)
Login error from remote app
I am logging in from a Flex app using the Flex/Air toolkit. Last week I was getting a security sandbox violation and I have changed my endpoint to refer to a new place and now I am getting the following...
<soapenv:Fault>
<faultcode>
sf:INVALID_LOGIN
</faultcode>
<faultstring>
INVALID_LOGIN: Invalid username, password, security token; or user locked out.
</faultstring>
<detail>
<sf:LoginFault xsi:type="sf:LoginFault">
<sf:exceptionCode>
INVALID_LOGIN
</sf:exceptionCode>
<sf:exceptionMessage>
Invalid username, password, security token; or user locked out.
</sf:exceptionMessage>
</sf:LoginFault>
</detail>
</soapenv:Fault>
I have done all the obvious things like checking password and security token, but I cannot get in from my app - and neither can any of my users.
Anyone have any ideas?
<soapenv:Fault>
<faultcode>
sf:INVALID_LOGIN
</faultcode>
<faultstring>
INVALID_LOGIN: Invalid username, password, security token; or user locked out.
</faultstring>
<detail>
<sf:LoginFault xsi:type="sf:LoginFault">
<sf:exceptionCode>
INVALID_LOGIN
</sf:exceptionCode>
<sf:exceptionMessage>
Invalid username, password, security token; or user locked out.
</sf:exceptionMessage>
</sf:LoginFault>
</detail>
</soapenv:Fault>
I have done all the obvious things like checking password and security token, but I cannot get in from my app - and neither can any of my users.
Anyone have any ideas?
What I did do is make sure that I have the latest version of that toolkit.
What happens when you have your flex app send its request to www.salesforce.com ?
Api Server name = www.salesforce.com
_internalServerUrl = https://www.salesforce.com/services/Soap/u/13.0
set serverUrl: skip the policy file for sandboxType:remote and server:www.salesforce.com
login with creds
loading the policy file: https://www.salesforce.com/services/crossdomain.xml
Your application must be running on a https server in order to use https to communicate with salesforce.com!
invoke login
intServerUrl is null
intServerUrl = https://www.salesforce.com/services/Soap/u/13.0
_invoke login
'752A96A9-C437-A22F-AAC0-1FE3DB157CA5' producer set destination to 'DefaultHTTPS'.
Method name is: login
'direct_http_channel' channel endpoint set to http://localhost/pm_server/pm/
'752A96A9-C437-A22F-AAC0-1FE3DB157CA5' producer sending message '9C77D321-52B6-46A2-C53C-1FE3DB152E56'
'direct_http_channel' channel sending message:
(mx.messaging.messages::HTTPRequestMessage)#0
body = "<se:Envelope xmlns:se="http://schemas.xmlsoap.org/soap/envelope/"><se:Header xmlns:sfns="urn:partner.soap.sforce.com"/><se:Body><login xmlns="urn:partner.soap.sforce.com" xmlns:ns1="sobject.partner.soap.sforce.com"><username>simon.palmer@dialectyx.com</username><password>***</password></login></se:Body></se:Envelope>"
clientId = (null)
contentType = "text/xml; charset=UTF-8"
destination = "DefaultHTTPS"
headers = (Object)#1
httpHeaders = (Object)#2
Accept = "text/xml"
SOAPAction = """"
X-Salesforce-No-500-SC = "true"
messageId = "9C77D321-52B6-46A2-C53C-1FE3DB152E56"
method = "POST"
recordHeaders = false
timestamp = 0
timeToLive = 0
url = "https://www.salesforce.com/services/Soap/u/13.0"
'752A96A9-C437-A22F-AAC0-1FE3DB157CA5' producer connected.
Method name is: login
Warning: Ignoring invalid <allow-access-from> tag for domain 'http://www3.stream.co.jp' in policy file at https://www.salesforce.com/crossdomain.xml
Warning: Ignoring invalid <allow-access-from> tag for domain 'http://salesforce.sitestream.com' in policy file at https://www.salesforce.com/crossdomain.xml
Error: Ignoring policy file at https://www.salesforce.com/crossdomain.xml due to meta-policy 'by-content-type'.
Error: Ignoring policy file at https://www.salesforce.com/services/crossdomain.xml due to meta-policy 'by-content-type'.
*** Security Sandbox Violation ***
Connection to https://www.salesforce.com/services/Soap/u/13.0 halted - not permitted from https://localhost/pm_server/pm/pm-debug.swf
'752A96A9-C437-A22F-AAC0-1FE3DB157CA5' producer acknowledge of '9C77D321-52B6-46A2-C53C-1FE3DB152E56'.
'752A96A9-C437-A22F-AAC0-1FE3DB157CA5' producer fault for '9C77D321-52B6-46A2-C53C-1FE3DB152E56'.
Comunication Error : Channel.Security.Error : Security error accessing url : Destination: DefaultHTTPS
Error: Request for resource at https://www.salesforce.com/services/Soap/u/13.0 by requestor from https://localhost/pm_server/pm/pm-debug.swf is denied due to lack of policy file permissions.
I blogged about this issue here...
http://simonpalmer.com/testing-salesforcecom-remote-connection/
I'll post an update saying it has been resolved in case anyone follows that trail.