Invoke a SOAP API written in Salesforce using Axis

I had to consume an API written by someone else in Salesforce. I got the WSDL and the EndPoint.

Essentially what I had to do is to replace existing code I wrote a year ago to perform User Provisioning in Salesforce and rely on this API to perform that logic.

Now the interesting part is how to write my client, the obvious answer was to use WSDL2Java (Axis), because I don't want to write much code. And this is my final code: public void executeAccountUserProvisioningOnSalesforce(){ log.debug("Execute Account, Contact and User Provisioning (using single API on Salesforce) for "+this.kaptestRegistrationFields.getEmail()); com.sforce.soap.schemas._class.SSOprovisioningFunctionCall.Details details = null; this.login(); //Invoke Login //Create a sessionHeader object and set its sessioId property to sessionId SessionHeader sessionHeader = new SessionHeader(); sessionHeader.setSessionId(this.connection.getSessionHeader().getSessionId()); SSOprovisioningFunctionCallService service = new SSOprovisioningFunctionCallServiceLocator(); details = this.transformKaptestRegistrationFields(this.kaptestRegistrationFields); try { SSOprovisioningFunctionCallPortType port = service.getSSOprovisioningFunctionCall(new URL(provisioningEndPoint));//Use the service to get a stub which implements the SDI log.debug("Invoking "+provisioningEndPoint); ((Stub)port).setHeader("SessionHeader", "SessionHeader", sessionHeader); port.executeAccountUserProvisioning(details);//Invokes API } catch (Exception ex) { log.error("Error while invoking "+provisioningEndPoint+" for "+this.kaptestRegistrationFields.getEmail(),ex); } log.debug("Provisioning call to Salesforce completed for "+this.kaptestRegistrationFields.getEmail()); } .... private Boolean login() { Boolean success = false; try { ConnectorConfig config = new ConnectorConfig(); config.setUsername(username); config.setPassword(password); log.debug("AuthEndPoint: " + authEndPoint); config.setAuthEndpoint(authEndPoint); connection = new EnterpriseConnection(config); // Set the SOAP header to roll back the create unless // all contacts are successfully created. connection.setAllOrNoneHeader(true); printUserInfo(config); success = true; } catch (ConnectionException ce) { log.error("Error while executing login",ce); }catch (Exception ex) { log.error("Other Error occurred while executing login",ex); } return success; } This is a simple Cooking recipe with the exception of these lines: this.login(); //Invoke Login ... //Create a sessionHeader object and set its sessioId property to sessionId SessionHeader sessionHeader = new SessionHeader(); sessionHeader.setSessionId(this.connection.getSessionHeader().getSessionId()); ... ((Stub)port).setHeader("SessionHeader", "SessionHeader", sessionHeader); Things to keep in mind (otherwise you'll get "INVALID_SESSION_ID: Invalid Session ID found in SessionHeader: Illegal Session"):

1. Open a session in Salesforce (that's how get permission to invoke the API)
2. Populate SessionHeader object (with Salesforce sessionId)
3. Set the Header to your Port before making your call

Getting INVALID_SESSION_ID using Salesforce's SOAP based API

For those of you consuming Salesforce SOAP API.

The more calls you make, the more errors you'll get (if you're using the same user to perform this calls)

This is a brief description of what happened to me:
I implemented a process to perform Realtime user provisioning by using Salesforce SOAP based API calls. In a few words this is my process:

1. Login
2. Generate User Account (Using Connection.upsert)
3. Verify if User already exists (query User) to determine if next step will be Update or Insert
4. Upsert (Insert or Update) User
5. Upsert (Using Connection.upsert) other related objects (custom)
6. Logout

This process gets invoked when performing SSO, therefore I get as many executions of this process as users try to access my portal.

There is no pattern on this issue.

This is the error I see in my PingFederate logs: [UnexpectedErrorFault [ApiFault exceptionCode='INVALID_SESSION_ID' exceptionMessage='Invalid Session ID found in SessionHeader: Illegal Session. Session not found, missing session key' ...

After login is been performed (could be before executing any step before Logout or during Logout) This error is generating incomplete user/accounts in Salesforce (Some objects are not created due to this error)


After a few calls and emails with salesforce Developer Support, I got a clear and simple answer:

"There is no implication by calling only login and no logout()"
"Client applications do not need to explicitly log out to end a session. Sessions expire automatically after a predetermined length of inactivity".

Then, instead of over-thingking this problem and design some complex solutions, just like: Implementing a connection pooling mechanism or making singleton my Connection object. The answer was easier than I thought. Don't call Logout and Login as many times as you need. You'll get the same Session_Id (your session will be refreshed on Salesforce and will remain active), letting Salesforce kill it when I'm not using it.

Cool!