function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
Juan RomeroJuan Romero 

session ID in header

Hi,

I have been able to login to the RPC server (prior post), but I am unable to logout. The problem seems to be the session HTTP cookie. This is what I am doing:

xmlhttp.setRequestHeader "Cookie", "session_id=" & session_id

The error returned is: 1112, session id missing or invalid

Please help, thank you.

DevAngelDevAngel

The best way to use cookies from VB6 is using the wininet libraries.  Here is an example of a login:

Declare Function InternetSetCookie Lib "wininet.dll" Alias "InternetSetCookieA" (ByVal lpszUrlName As String, ByVal lpszCookieName As String, ByVal lpszCookieData As String) As Boolean

   
    Dim dict As Scripting.Dictionary
    Set dict = New Scripting.Dictionary
   
    Dim bLogin As Boolean
   
    dict.Add "username", UserName
    dict.Add "password", Password
    dict.Add "version", gblApiVersion
    dict.Add "application", "appname"
    dict.Add "client", gblClient
       
    Dim ret
    ret = InternetSetCookie("http://" & gblApiServer, "sid", "")
    'xmlrpc is a class that provides the xmlrpc client
    xmlrpc.rpcCall ret, "sfdc.login", dict
   
    bLogin = Not xmlrpc.wasFault()
   
    If bLogin Then
        'set a global variable that holds the valid sessionid
        gblSID = ret.Item("session_id")
        'call a method to set the url returned by login, this
        'sets a url property on the xmlrpc client for subsequent calls
        setServer ret.Item("server_url")
        'set a persistent cookie for the url and sid.
        ret = InternetSetCookie("http://" & apiServer, "sid", gblSID)
    End If
   
    login = bLogin
   
    Set dict = Nothing
    Set ret = Nothing
   
End Function

Message Edited by DevAngel on 06-18-2003 09:03 AM
Juan RomeroJuan Romero

Hi,

The example above does not answer my question. It is very hard to make up anything out of it, since you have not included the RPCcall class. The WinInet function InternetSetCookie returns a boolean, and you have lines using items from the return value as if it was a collection. eg.:   gblSID = ret.Item("session_id")

Please explain this, and also, I would like to repost my original question: What's wrong with this?:

 xmlhttp.setRequestHeader "Cookie", "session_id=" & Session_ID

Is the server expecting a cookie with the name "session_id"? or is it perhaps expecting something else, like "sid"?

Thank you in advance.

 
DevAngelDevAngel

Hi Juan,

The purpose of the code sample was to show you the InternetSetCookie call in the context of ONE implementation.  There is no standard xml-rpc client for vb6, unless you want to use something like PocketXML-RPC from pocketSOAP (www.pocketsoap.com).

The implementation of the xml-rpc client used for context in the code snippet does in fact return dictionary objects from the xml-rpc calls.  Dictionaries are the closest thing in VB6 to a java struct, which is what the xml-rpc response is modeled on.  The ret variable is of no use once the return values of the login are used and so it is used for the InternetSetCookie call at the bottom of the successful login thread.

If you refer to the XML-RPC documentation (Appendix D) all the required information is there, such as the format of the session id cookie as well as many examples of xml-rpc messages.

Copyright⬢ 2002-2003 SalesForce.com, Inc. All rights reserved. Page 66

APPENDIX D: XML-RPC Examples

Example XML-RPC requests and responses are included for each call. Each call must be contained in an HTTP

request with appropriate HTTP headers. The HTTP headers are not shown in the examples, as they are either

fixed or vary by the client.

Most calls take a session HTTP header cookie for authentication. The value for that session ID is obtained from

the response to the login call. An example HTTP cookie header for the session value would be:

Cookie: sid=1tfY2dmkMSWr3_.R0tbU1dbXHYna29zdqonw8Mmxy_s=; Path=/

The XML-RPC examples are indented for readability. The sforce API is not sensitive to indenting. The examples

could be passed .as is. to the API, or they could be passed as one long line of text without any formatting.

Responses from the sforce API are not normally formatted, without newlines (unless the data contains

newlines). You can obtain indented responses for readability and debugging purposes by specifying the HTTP

header: PrettyPrint: Yes. You should not use the PrettyPrint header for actual production use, though (see

Use of Headers on page 27 for more information).

LOGIN CALL XML-RPC EXAMPLES

login Request

<?xml version="1.0"?>

<methodCall>

<methodName>sfdc.login</methodName>

<params><param><value><struct>

<member>

<name>version</name>

<value><string>1.9</string></value>

</member>

<member>

<name>username</name>

<value><string>USERNAME</string></value>

</member>

<member>

<name>password</name>

<value><string>PASSWORD</string></value>

</member>

<member>

<name>secure</name>

<value><boolean>1</boolean></value>

</member>

</struct></value></param></params>

</methodCall>

login Response

<?xml version="1.0" encoding="UTF-8" ?>

<methodResponse>

<params><param><value><struct>

<member>

<name>server_url</name>

Message Edited by DevAngel on 06-18-2003 09:40 AM
Juan RomeroJuan Romero

I checked the documentation, and it does not mention anything there. The only thing they mention is that you are supposed to send a cookie in the header back with the session id. WHAT IS NOT MENTIONED THERE (which I finally figured out on my own) is that the cookie name is not "session_id" as the manual suggests, the name instead is "sid".

I appreciate your help. Thank you.
alal

In the API manual are the following references to the session id:

SessionID

sessionID

session_id

I did find the reference to 'sid' as you mentioned, but this gave us fits also. The docs make it confusing.

The docs *are* confusing and require a lot of trial and error before you get something to work.

I realize that API documentation is hard to write.

 

Thanks for your continuted timely response to all our queries.

We have an exterprise license and never get our support email answered.

Without you, we would probably be SalesForce.com-less.

Al G

AlterPoint
DevAngelDevAngel

Hi Al,

Yes, the API documentation has some faults, no question.  We have established a separate and dedicated project internally for API documentation.  We will be breaking out the documentation into separate SOAP and an XML-RPC documents.  During this project we will be taking all the great suggestions and issues raised from our customers (developers) and incorporating them into this new rev of the documenation.

Until then, please take advantage of this forum for clarification and problem reporting.

 
betobeto

This worked for me:

xmlhttp.setRequestHeader("Cookie", "sid="+session_id );
 xmlhttp.setRequestHeader("sessionid", session_id );

You need both in the header.

good