Salesforce and Ebase
Moderators: Jon, Steve, Ian, Dave
-
- Ebase User
- Posts: 95
- Joined: Wed Feb 27, 2013 5:16 pm
Salesforce and Ebase
Hi,
Just wondering if there are any Ebase customers integrating Ebase with Salesforce?
We have been doing it for quite some time without any problems but it could be nice to have a discussion around how things are done to improve the way things are done.
For example I currently use REST web services, about 5 in total that give me the ability to login, query, create and update Salesforce Records.
Thanks,
Alex
Just wondering if there are any Ebase customers integrating Ebase with Salesforce?
We have been doing it for quite some time without any problems but it could be nice to have a discussion around how things are done to improve the way things are done.
For example I currently use REST web services, about 5 in total that give me the ability to login, query, create and update Salesforce Records.
Thanks,
Alex
0 x
-
- Ebase User
- Posts: 649
- Joined: Mon Dec 09, 2013 6:37 pm
Hi,
Can you share with me how you set up the SF integration. I set up a REST service for this but I am trying to figure out how to make it authenticate.
On top of that I believe that once you authenticate, you need to use a different endpoint to retrieve data. Is that correct ?
I created a connected app in Salesforce.
In my REST object I used
Target BASE URI: https://login.salesforce.com/
In the endpoint I added these request parameters
client_id: my client id from SF connected app
client_secret: my client secret from SF connected app
grant_type: password (not my password but the actual text password)
username: my SF username
password: my SF password + my security token
When I test this endpoint it fails to authenticate with the error:
error":"invalid_grant","error_description":"authentication failure"}
I'm following a guideline that I got directly from SF support which is at this URL:
https://developer.salesforce.com/docs/a ... h_flow.htm
Edit: I found that there was an OAuth policy that was blocking my login.
Which authentication flow do you use of the 3 that Salesforce provides ? Web-Server flow, user-agent flow or username-password flow ?
I am at the point now where I'm trying to fetch data but my REST API to retrieve the data isn't working yet... Any help there would be appreciated.
Can you share with me how you set up the SF integration. I set up a REST service for this but I am trying to figure out how to make it authenticate.
On top of that I believe that once you authenticate, you need to use a different endpoint to retrieve data. Is that correct ?
I created a connected app in Salesforce.
In my REST object I used
Target BASE URI: https://login.salesforce.com/
In the endpoint I added these request parameters
client_id: my client id from SF connected app
client_secret: my client secret from SF connected app
grant_type: password (not my password but the actual text password)
username: my SF username
password: my SF password + my security token
When I test this endpoint it fails to authenticate with the error:
error":"invalid_grant","error_description":"authentication failure"}
I'm following a guideline that I got directly from SF support which is at this URL:
https://developer.salesforce.com/docs/a ... h_flow.htm
Edit: I found that there was an OAuth policy that was blocking my login.
Which authentication flow do you use of the 3 that Salesforce provides ? Web-Server flow, user-agent flow or username-password flow ?
I am at the point now where I'm trying to fetch data but my REST API to retrieve the data isn't working yet... Any help there would be appreciated.
0 x
-
- Ebase User
- Posts: 95
- Joined: Wed Feb 27, 2013 5:16 pm
Is your Endpoint URI within the Endpoint correct?
Your setup is not far away from mine. I can document it all out for you if you like. But whilst your base URI is right, you will still need "/services/oauth2/token" within the endpoint's Endpoint URI. Naturally it is uses the POST method. Your request query parameters look correct, I do have a request header of Content-Type: application/x-www-form-urlencoded but it may not be required.
Can you confirm your endpoint and if it doesn't work I'll document out my SF Login REST webservice for you.
Your setup is not far away from mine. I can document it all out for you if you like. But whilst your base URI is right, you will still need "/services/oauth2/token" within the endpoint's Endpoint URI. Naturally it is uses the POST method. Your request query parameters look correct, I do have a request header of Content-Type: application/x-www-form-urlencoded but it may not be required.
Can you confirm your endpoint and if it doesn't work I'll document out my SF Login REST webservice for you.
0 x
-
- Ebase User
- Posts: 649
- Joined: Mon Dec 09, 2013 6:37 pm
Alex,
I was able to get it to authenticate using the URL against the URL https://login.salesforce.com/services/oauth2/token
I am now trying to figure out how to fetch data. I created another REST service with the following parameters:
Target Base URI: https://na3.salesforce.com/
Endpoint URL: services/data/v20.0/
Request Query Parameters:
access_token: <My>
instance_url: https://na3.salesforce.com/
When I test this endpoint I get an error
[{"message":"Session expired or invalid","errorCode":"INVALID_SESSION_ID"}]
I think that I'm missing a request query parameter but I'm not sure
I was able to get it to authenticate using the URL against the URL https://login.salesforce.com/services/oauth2/token
I am now trying to figure out how to fetch data. I created another REST service with the following parameters:
Target Base URI: https://na3.salesforce.com/
Endpoint URL: services/data/v20.0/
Request Query Parameters:
access_token: <My>
instance_url: https://na3.salesforce.com/
When I test this endpoint I get an error
[{"message":"Session expired or invalid","errorCode":"INVALID_SESSION_ID"}]
I think that I'm missing a request query parameter but I'm not sure
0 x
-
- Ebase User
- Posts: 95
- Joined: Wed Feb 27, 2013 5:16 pm
Hi,
The Response from the login web service will include two parts. The Session URI and the Session Token. These change every session so you'll need to pass them to your other web services.
The endpoint URL includes the API version (20 is quite old) etc looks ok but a bit incomplete. You will need to specifiy what you want to do with the web service (Salesforce's web services are incredibly powerful, they are "virtually" limitless). Again I use parameters again to build this but it looks like the end result is a URI like this:
https://XXX.salesforce.com/services/data/v32.0/query?q=
This is a query with Salesforce so I can pass SOQL to the web service and be returned something. I would recommend looking a the Salesforce REST documentation to determine the exact URI: https://developer.salesforce.com/docs/? ... sort=title
A full URI using the above would look like this:
https://XXX.salesforce.com/services/dat ... mail.value
Hope it makes sense
The Response from the login web service will include two parts. The Session URI and the Session Token. These change every session so you'll need to pass them to your other web services.
The endpoint URL includes the API version (20 is quite old) etc looks ok but a bit incomplete. You will need to specifiy what you want to do with the web service (Salesforce's web services are incredibly powerful, they are "virtually" limitless). Again I use parameters again to build this but it looks like the end result is a URI like this:
https://XXX.salesforce.com/services/data/v32.0/query?q=
This is a query with Salesforce so I can pass SOQL to the web service and be returned something. I would recommend looking a the Salesforce REST documentation to determine the exact URI: https://developer.salesforce.com/docs/? ... sort=title
A full URI using the above would look like this:
https://XXX.salesforce.com/services/dat ... mail.value
Hope it makes sense
0 x
-
- Ebase User
- Posts: 649
- Joined: Mon Dec 09, 2013 6:37 pm
-
- Ebase User
- Posts: 95
- Joined: Wed Feb 27, 2013 5:16 pm
Yeah no problem, see screenshot below (not authorization requirements in the headers too).
Again this is the query service, it is what I use to return ID's to me for upserting or displaying information to users (for example a product list etc).
It may not be setup perfectly as designed but it does work for myself. As you would expect the Target Base URI under general should now be &&ACCESS_URL and this is passed into it from the results of the login rest.
Again this is the query service, it is what I use to return ID's to me for upserting or displaying information to users (for example a product list etc).
It may not be setup perfectly as designed but it does work for myself. As you would expect the Target Base URI under general should now be &&ACCESS_URL and this is passed into it from the results of the login rest.
0 x
-
- Ebase User
- Posts: 649
- Joined: Mon Dec 09, 2013 6:37 pm
Thanks for that screenshot. The "Authorization: OAuth" field in the request header is what I was missing.
The REST resource that I am using to authenticate uses the Username-Password method for authentication.
I am having trouble understanding the User-Webflow authentication method as far as how you would pass the value of the response fields from a JSP based callback URL into Ebase form fields. Which of the 3 authentication methods do you use for authenticating with SalesForce ?
I want to make sure that I set up the REST resource that fetches the data correctly but I have a feeling that my method might not be the best way of doing things.
This is how it is set up:
General->Target Base URI: &&instance_url
Under endpoints:
Endpoint URI: /services/data/v40.0/query?q=&&query (Did you get the field &&API_VERSION from the authentication REST service or is this hard coded as the fields' value ?)
Method: Get
Request
---------
Body: <blank>
Request Query parameters
------------------------------
Name: query Value: &&query
Request Headers
-------------------
Name : Content-Type Value: application/x-www-form-urlencoded
Name: Authorization: Value: OAuth &&access_token
Response
-----------
Body: &&response
Status code: &&responseStatusCode
Response Headers
--------------------
<blank>
Resource Fields
-----------------
access_token
response
responseStatusCode
instance_url
query
Both REST resources are tied to a form and the form has fields (access_token,query etc) that are mapped to both REST resources.
The forms' before page event looks like this:
Is this similar to how you fetch Salesforce data ?
The REST resource that I am using to authenticate uses the Username-Password method for authentication.
I am having trouble understanding the User-Webflow authentication method as far as how you would pass the value of the response fields from a JSP based callback URL into Ebase form fields. Which of the 3 authentication methods do you use for authenticating with SalesForce ?
I want to make sure that I set up the REST resource that fetches the data correctly but I have a feeling that my method might not be the best way of doing things.
This is how it is set up:
General->Target Base URI: &&instance_url
Under endpoints:
Endpoint URI: /services/data/v40.0/query?q=&&query (Did you get the field &&API_VERSION from the authentication REST service or is this hard coded as the fields' value ?)
Method: Get
Request
---------
Body: <blank>
Request Query parameters
------------------------------
Name: query Value: &&query
Request Headers
-------------------
Name : Content-Type Value: application/x-www-form-urlencoded
Name: Authorization: Value: OAuth &&access_token
Response
-----------
Body: &&response
Status code: &&responseStatusCode
Response Headers
--------------------
<blank>
Resource Fields
-----------------
access_token
response
responseStatusCode
instance_url
query
Both REST resources are tied to a form and the form has fields (access_token,query etc) that are mapped to both REST resources.
The forms' before page event looks like this:
Code: Select all
// Authenticate with Salesforce
resources.SalesForceUser.call();
// Parse response
var obj=JSON.parse(fields.response.value);
// If an error occurred, do nothing else
if (obj["error"] != null) {
event.owner.addErrorMessage("Error: The error " + obj["error"] + " occurred with the description " + obj["error_description"])
event.stopExecution();
}
// Save these response parameters
fields.access_token.value=obj["access_token"];
fields.instance_url.value=obj["instance_url"];
fields.response.value=null;
fields.query.value="SELECT+Email+From+Contact";
// Fetch the data
try {
resources.SalesForceData.call();
} catch (e if e.javaException instanceof com.ebasetech.xi.exceptions.RestRuntimeException) {
alert("An error occurred fetching the data " + e.toString());
event.stopExecution();
} finally {
}
0 x
-
- Ebase User
- Posts: 649
- Joined: Mon Dec 09, 2013 6:37 pm
I'm having another issue now.
I developed the REST resource to authenticate with SalesForce on one of my Ebase instances (SERVER A), tested this resource and it authenticates correctly and returns the expected response. SERVER A uses a self signed SSL certificate which Firefox currently warns that its insecure but still functions.
I exported the REST resource and imported it into designer on Server B which is a completely separate Ebase instance.Server B uses a certificate from GoDaddy which is a trusted authority. When I test the REST resource on server B, I get an SSL related error:
I went to the URL of my SF instance (NA3) and exported the certificate in Firefox and imported it by doing:
-import -keystore tomcat.keystore -alias salesforcecrt -file salesforcecom.crt
and restarted Ebase but I am still having this problem.
I developed the REST resource to authenticate with SalesForce on one of my Ebase instances (SERVER A), tested this resource and it authenticates correctly and returns the expected response. SERVER A uses a self signed SSL certificate which Firefox currently warns that its insecure but still functions.
I exported the REST resource and imported it into designer on Server B which is a completely separate Ebase instance.Server B uses a certificate from GoDaddy which is a trusted authority. When I test the REST resource on server B, I get an SSL related error:
Code: Select all
Error performing request: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
-import -keystore tomcat.keystore -alias salesforcecrt -file salesforcecom.crt
and restarted Ebase but I am still having this problem.
0 x
-
- Ebase User
- Posts: 95
- Joined: Wed Feb 27, 2013 5:16 pm
Hi,
Sounds like your getting there, to answer your questions:
-> I pass the API version from a setup script. So it is essentially hardcoded into the forms (based on the API version of the developed objects it is accessing).
-> Yes that does look similar to how I handle things.
Regarding the final error, I have had exactly that problem and like you two of my servers behaved differently. I can't remember how I resolved it but I think it worked by importing into the keystore like you did the first time but the second I remember disabling the security in Java somehow...I don't have the notes on what I did unfortunately. Maybe one to ask Ebase...
Sounds like your getting there, to answer your questions:
-> I pass the API version from a setup script. So it is essentially hardcoded into the forms (based on the API version of the developed objects it is accessing).
-> Yes that does look similar to how I handle things.
Regarding the final error, I have had exactly that problem and like you two of my servers behaved differently. I can't remember how I resolved it but I think it worked by importing into the keystore like you did the first time but the second I remember disabling the security in Java somehow...I don't have the notes on what I did unfortunately. Maybe one to ask Ebase...
0 x
-
- Ebase User
- Posts: 649
- Joined: Mon Dec 09, 2013 6:37 pm
-
- Ebase User
- Posts: 95
- Joined: Wed Feb 27, 2013 5:16 pm
-
- Ebase User
- Posts: 649
- Joined: Mon Dec 09, 2013 6:37 pm
-
- Moderator
- Posts: 414
- Joined: Fri Sep 07, 2007 3:44 pm
- Location: Sandy, UK
- Contact:
Hi Segi,
I think you need to set -Djavax.net.ssl.trustStore=<trust-store-location> as this contains all the CA certificates that are trusted by your application. I believe that you will need to create the trust store and import the GoDaddy certificate into it.
https://docs.oracle.com/cd/E19509-01/82 ... index.html
Kind regards
Steve
I think you need to set -Djavax.net.ssl.trustStore=<trust-store-location> as this contains all the CA certificates that are trusted by your application. I believe that you will need to create the trust store and import the GoDaddy certificate into it.
https://docs.oracle.com/cd/E19509-01/82 ... index.html
Kind regards
Steve
0 x
-
- Ebase User
- Posts: 649
- Joined: Mon Dec 09, 2013 6:37 pm
Steve
By trust store you mean the keystore file right ?
There's something that doesn't make sense to me.
Since my original post about this SSL issue, I have installed a trusted certificate (from Let'sEncrypt) on server A where I developed the SalesForce resources initially. The REST resource to authenticate with Salesforce still authenticates fine without any issues and server A doesn't have that Java startup parameter that points to the trust store.
Server B doesn't have that parameter either and doesn't work. I don't understand why I'd need to point server B to the trust server in order to get it to work when A doesn't have it and does work.
By trust store you mean the keystore file right ?
There's something that doesn't make sense to me.
Since my original post about this SSL issue, I have installed a trusted certificate (from Let'sEncrypt) on server A where I developed the SalesForce resources initially. The REST resource to authenticate with Salesforce still authenticates fine without any issues and server A doesn't have that Java startup parameter that points to the trust store.
Server B doesn't have that parameter either and doesn't work. I don't understand why I'd need to point server B to the trust server in order to get it to work when A doesn't have it and does work.
0 x
-
- Moderator
- Posts: 414
- Joined: Fri Sep 07, 2007 3:44 pm
- Location: Sandy, UK
- Contact:
Hi Segi,
I did mean trust store and not keystore. These are different.
I am only going on what I have read on the internet myself:
https://stackoverflow.com/questions/634 ... th-keytool
I also thought the same as you, that Server A works and Server B does not.
There has to be an obvious reason why this is the case, as I am assuming they have identical software levels? Have you checked all the startup -D params are the same for each (this might seem silly question) for both the Integrated Server and External Server (if using). It might be also worth checking they are using the same Java level.
Steve
I did mean trust store and not keystore. These are different.
I am only going on what I have read on the internet myself:
https://stackoverflow.com/questions/634 ... th-keytool
I also thought the same as you, that Server A works and Server B does not.
There has to be an obvious reason why this is the case, as I am assuming they have identical software levels? Have you checked all the startup -D params are the same for each (this might seem silly question) for both the Integrated Server and External Server (if using). It might be also worth checking they are using the same Java level.
Steve
0 x
-
- Ebase User
- Posts: 649
- Joined: Mon Dec 09, 2013 6:37 pm
Steve,
Both servers are running Ebase 5.2.0.
Server A and B have almost the same startup parameters. Both have these parameters:
but Server B also has these additional parameters (I could be wrong but I think that they were picked up by the parameters of the Tomcat connector)
I just added com.sun.net.ssl.checkRevocation=false recently to see if that parameter was needed to fix this issue but it didn't make a difference.
Server A is running Java 1.8.0_141-b15 and Server B is running Java 1.8.0_60-b27
Thanks
Segi
Both servers are running Ebase 5.2.0.
Server A and B have almost the same startup parameters. Both have these parameters:
Code: Select all
-Dcatalina.base=C:\ebaseXi5\UfsServer\tomcat
-Dcatalina.home=C:\ebaseXi5\UfsServer\tomcat
-Dderby.system.home=c:\ebaseXi5\UfsServer\DB
-Djava.endorsed.dirs=C:\ebaseXi5\UfsServer\tomcat\endorsed
-DXX:MaxPermSize=512m -Djava.io.tmpdir=C:\ebaseXi5\UfsServer\tomcat\temp
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
-Djava.util.logging.config.file=C:\ebaseXi5\UfsServer\tomcat\conf\logging.properties
Code: Select all
-Djavax.net.ssl.keyStorePassword=MYPASSWORDHERE
-Djavax.net.ssl.keyStore=c:\ebaseXi5\keystore.jks
-Djavax.net.ssl.trustStorePassword=MYPASSWORDHERE
-Djavax.net.ssl.trustStore=c:\ebaseXi5\keystore.jks
-Dcom.sun.net.ssl.checkRevocation=false
Server A is running Java 1.8.0_141-b15 and Server B is running Java 1.8.0_60-b27
Thanks
Segi
0 x
-
- Moderator
- Posts: 414
- Joined: Fri Sep 07, 2007 3:44 pm
- Location: Sandy, UK
- Contact:
Hi Segi,
I am surprised that the GoDaddy certificate is not working. I think you posted a different post on the forum stating you had problems with GoDaddy certificates. I assume that GoDaddy could not help you with this problem?
All I can suggest is that you try debugging the SSL communication to see if that shows you where the problem is, see the link below:
http://docs.oracle.com/javase/7/docs/te ... Debug.html
Kind regards
Steve
I am surprised that the GoDaddy certificate is not working. I think you posted a different post on the forum stating you had problems with GoDaddy certificates. I assume that GoDaddy could not help you with this problem?
All I can suggest is that you try debugging the SSL communication to see if that shows you where the problem is, see the link below:
http://docs.oracle.com/javase/7/docs/te ... Debug.html
Kind regards
Steve
0 x
-
- Ebase User
- Posts: 649
- Joined: Mon Dec 09, 2013 6:37 pm
Steve,
The problem that I had with GoDaddy SSL certs has been fixed.
As I mentioned, I have 2 different Ebase instances.
Server A which is my development server and uses a Lets Encrypt SSL certificate and is installed correctly.
Server B is our production instance of Ebase which has a GoDaddy certificate. I had some issues installing it but I have fixed them and the SSL cert from GoDaddy is correctly installed and working.
Although each instance has a cert from a different provider, that shouldn't make a difference as far as connecting to a REST end point goes as far as I'm aware.
The REST endpoint was created on A and authenticates correctly but I am getting this error after importing the resource into Server B
The problem that I had with GoDaddy SSL certs has been fixed.
As I mentioned, I have 2 different Ebase instances.
Server A which is my development server and uses a Lets Encrypt SSL certificate and is installed correctly.
Server B is our production instance of Ebase which has a GoDaddy certificate. I had some issues installing it but I have fixed them and the SSL cert from GoDaddy is correctly installed and working.
Although each instance has a cert from a different provider, that shouldn't make a difference as far as connecting to a REST end point goes as far as I'm aware.
The REST endpoint was created on A and authenticates correctly but I am getting this error after importing the resource into Server B
0 x
Who is online
Users browsing this forum: No registered users and 2 guests