You need to sign in to do that
Don't have an account?
Inconsistent exceptions for invalid login request
It seems like there are inconsistent SOAP exceptions being returned via the SOAP API 4.0 depending on whether you specify an invalid username or password. Note also that when an invalid password is specified, that the API is reporting that the user is not valid.
Here are my findings...
When an invalid username is specified
Exception: System.Web.Services.Protocols.SoapException
Exception "Message" property: "username or password not valid"
Exception detail "exceptionCode" value: "INVALID_LOGIN"
Exception detail "exceptionMessage" value: "username or password not valid"
When an invalid password is specified
Exception: System.Web.Services.Protocols.SoapException
Exception "Message" property: "INVALID_LOGIN: user not valid"
Exception detail "exceptionCode" value: "INVALID_LOGIN"
Exception detail "exceptionMessage" value: "user not valid"
I am using version 4.0 of the partner WSDL.
Visual studio.NET 2003 is my development environment.
Hi Dom,
Thanks for the info. I have submitted a bug to correct the error message to be the same "username or password not valid" for both cases. We don't want to provide clues to anyone trying to gain unauthorized access by defining which value was wrong.
Cheers