function readOnly(count){ }
Sign Up ›
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
Learn More

Browse by Topic
ShowAll Questionssorted byDate Posted
+ Start a Discussion
zero1578zero1578 

Session Integrity problem - Any ideas?

I have created a .net web form that allows a user to log in to salesforce, and at the end of a process create a case as themselves.  I have put this web app on an IIS server, and it works fine, as long as I am the only person using it.
 
 
Heres the problem:
 
User 1 logs in - starts filling out the form
User 2 logs in - starts filling out the form
 
No matter which user submits the data, the case is going to be created as User 2, since they were the last one to log in.  If a third user were to log in before the other two submitted their form, any of the submissions would look as though they were created by the last user to log in.
 
I am not sure what would cause this.  All users are accessing a server on the lan, the server connects out to salesforce. I am saving the sessionId from the loginresult, so I assume thats where the problem is.  I am not great with c# and scope so that could be the issue also :)
 
Code:
private static SforceService binding = new SforceService();

 
 
Code:
public static bool login(string login,string psw)
    {
        try
        {
            LoginResult lr = binding.login(login, psw);
            if (!lr.passwordExpired)
            {
                binding.Url = lr.serverUrl;
                binding.SessionHeaderValue = new SessionHeader();
                binding.SessionHeaderValue.sessionId = lr.sessionId;
                binding.Url = lr.serverUrl;
                QueryOptions bs = new QueryOptions();
                bs.batchSize = 2000;
                bs.batchSizeSpecified = true;
                GetUserInfoResult userInfo = lr.userInfo;
                HttpContext.Current.Session.Add("Name", userInfo.userFullName);
                HttpContext.Current.Session.Add("u", userInfo.userName);
                HttpContext.Current.Session.Add("sid", lr.sessionId);
                HttpContext.Current.Session.Add("server", lr.serverUrl);
                HttpContext.Current.Session.Add("Org", userInfo.organizationName);
                string firstName = userInfo.userFullName.ToString();
                firstName = firstName.Remove(firstName.IndexOf(" "));
                HttpContext.Current.Session.Add("FirstName", firstName);
                return true;


            }
            else
            {
                HttpContext.Current.Session.Add("Error", "Wrong Password, Account Expired, or General Error.");
                return false;
            }
        }
        catch (Exception r)
        {
            HttpContext.Current.Session.Add("Error", r.Message);
            return false;
        }
        

    }

 
 

 

zero1578zero1578
Anyone have any ideas? :smileysad: