You need to sign in to do that
Don't have an account?
Juan Romero
session ID in header
Hi,
I have been able to login to the RPC server (prior post), but I am unable to logout. The problem seems to be the session HTTP cookie. This is what I am doing:
xmlhttp.setRequestHeader "Cookie", "session_id=" & session_id
The error returned is: 1112, session id missing or invalid
Please help, thank you.
The best way to use cookies from VB6 is using the wininet libraries. Here is an example of a login:
Declare Function InternetSetCookie Lib "wininet.dll" Alias "InternetSetCookieA" (ByVal lpszUrlName As String, ByVal lpszCookieName As String, ByVal lpszCookieData As String) As Boolean
Dim dict As Scripting.Dictionary
Set dict = New Scripting.Dictionary
Dim bLogin As Boolean
dict.Add "username", UserName
dict.Add "password", Password
dict.Add "version", gblApiVersion
dict.Add "application", "appname"
dict.Add "client", gblClient
Dim ret
ret = InternetSetCookie("http://" & gblApiServer, "sid", "")
'xmlrpc is a class that provides the xmlrpc client
xmlrpc.rpcCall ret, "sfdc.login", dict
bLogin = Not xmlrpc.wasFault()
If bLogin Then
'set a global variable that holds the valid sessionid
gblSID = ret.Item("session_id")
'call a method to set the url returned by login, this
'sets a url property on the xmlrpc client for subsequent calls
setServer ret.Item("server_url")
'set a persistent cookie for the url and sid.
ret = InternetSetCookie("http://" & apiServer, "sid", gblSID)
End If
login = bLogin
Set dict = Nothing
Set ret = Nothing
End Function
Message Edited by DevAngel on 06-18-2003 09:03 AM
Hi,
The example above does not answer my question. It is very hard to make up anything out of it, since you have not included the RPCcall class. The WinInet function InternetSetCookie returns a boolean, and you have lines using items from the return value as if it was a collection. eg.: gblSID = ret.Item("session_id")
Please explain this, and also, I would like to repost my original question: What's wrong with this?:
xmlhttp.setRequestHeader "Cookie", "session_id=" & Session_ID
Is the server expecting a cookie with the name "session_id"? or is it perhaps expecting something else, like "sid"?
Thank you in advance.
Hi Juan,
The purpose of the code sample was to show you the InternetSetCookie call in the context of ONE implementation. There is no standard xml-rpc client for vb6, unless you want to use something like PocketXML-RPC from pocketSOAP (www.pocketsoap.com).
The implementation of the xml-rpc client used for context in the code snippet does in fact return dictionary objects from the xml-rpc calls. Dictionaries are the closest thing in VB6 to a java struct, which is what the xml-rpc response is modeled on. The ret variable is of no use once the return values of the login are used and so it is used for the InternetSetCookie call at the bottom of the successful login thread.
If you refer to the XML-RPC documentation (Appendix D) all the required information is there, such as the format of the session id cookie as well as many examples of xml-rpc messages.
Copyright⬢ 2002-2003 SalesForce.com, Inc. All rights reserved. Page 66
APPENDIX D: XML-RPC Examples
Example XML-RPC requests and responses are included for each call. Each call must be contained in an HTTP
request with appropriate HTTP headers. The HTTP headers are not shown in the examples, as they are either
fixed or vary by the client.
Most calls take a session HTTP header cookie for authentication. The value for that session ID is obtained from
the response to the login call. An example HTTP cookie header for the session value would be:
Cookie: sid=1tfY2dmkMSWr3_.R0tbU1dbXHYna29zdqonw8Mmxy_s=; Path=/
The XML-RPC examples are indented for readability. The sforce API is not sensitive to indenting. The examples
could be passed .as is. to the API, or they could be passed as one long line of text without any formatting.
Responses from the sforce API are not normally formatted, without newlines (unless the data contains
newlines). You can obtain indented responses for readability and debugging purposes by specifying the HTTP
header: PrettyPrint: Yes. You should not use the PrettyPrint header for actual production use, though (see
Use of Headers on page 27 for more information).
LOGIN CALL XML-RPC EXAMPLES
login Request
<?xml version="1.0"?>
<methodCall>
<methodName>sfdc.login</methodName>
<params><param><value><struct>
<member>
<name>version</name>
<value><string>1.9</string></value>
</member>
<member>
<name>username</name>
<value><string>USERNAME</string></value>
</member>
<member>
<name>password</name>
<value><string>PASSWORD</string></value>
</member>
<member>
<name>secure</name>
<value><boolean>1</boolean></value>
</member>
</struct></value></param></params>
</methodCall>
login Response
<?xml version="1.0" encoding="UTF-8" ?>
<methodResponse>
<params><param><value><struct>
<member>
<name>server_url</name>
Message Edited by DevAngel on 06-18-2003 09:40 AM
I checked the documentation, and it does not mention anything there. The only thing they mention is that you are supposed to send a cookie in the header back with the session id. WHAT IS NOT MENTIONED THERE (which I finally figured out on my own) is that the cookie name is not "session_id" as the manual suggests, the name instead is "sid".
I appreciate your help. Thank you.
In the API manual are the following references to the session id:
SessionID
sessionID
session_id
I did find the reference to 'sid' as you mentioned, but this gave us fits also. The docs make it confusing.
The docs *are* confusing and require a lot of trial and error before you get something to work.
I realize that API documentation is hard to write.
Thanks for your continuted timely response to all our queries.
We have an exterprise license and never get our support email answered.
Without you, we would probably be SalesForce.com-less.
Al G
AlterPoint
Hi Al,
Yes, the API documentation has some faults, no question. We have established a separate and dedicated project internally for API documentation. We will be breaking out the documentation into separate SOAP and an XML-RPC documents. During this project we will be taking all the great suggestions and issues raised from our customers (developers) and incorporating them into this new rev of the documenation.
Until then, please take advantage of this forum for clarification and problem reporting.
This worked for me:
xmlhttp.setRequestHeader("Cookie", "sid="+session_id );
xmlhttp.setRequestHeader("sessionid", session_id );
You need both in the header.
good