You need to sign in to do that
Don't have an account?
Mitchell Spano
SSL for web service
Hello,
I have a quick question about web services and SSL authentication.
I am trying to host a web service here is the class which I have designed.
global with sharing class CalendaringPlugin{
webservice static List<Event> GetEvents(String ClientID, Date StartDT, Date EndDT){
string resCode = 'false';
String CLID = [SELECT ID from Account WHERE CL_ID__c =: ClientID].id;
List<Event> EventList = [SELECT Owner.Name, Adv_ID__c, StartDateTime, Activity_Status__c, EndDateTime, Sub_Activity_Type__c, CreatedDate, ID, location from Event WHERE What.id =: CLID AND Share_Appointment_With_Client__c = true];
List<Event> NewEventList = new List<Event>();
for (Event e: EventList){
if (StartDT <= e.StartDateTime && e.StartDateTime <= EndDT){
NewEventList.add(e);
}
}
Return NewEventList;
}
}
I have developed the class, obtained and uploaded a CA signed certificate, shared the class WSDL, the partner WSDL, and the certificate keystore file with the designers of the web service. Note that I have not added their site to the list of remote sites.
But here is my problem, the designers are seeing a response from this web service wether or not they have signed the message.
So here is my question - how do I enforce the client to authenticate? I don't want to just send this response ( neweventlist ) for just anyone. Am I supposed to add more to this class?
Thanks for your help and time, I really appreciate it.
I have a quick question about web services and SSL authentication.
I am trying to host a web service here is the class which I have designed.
global with sharing class CalendaringPlugin{
webservice static List<Event> GetEvents(String ClientID, Date StartDT, Date EndDT){
string resCode = 'false';
String CLID = [SELECT ID from Account WHERE CL_ID__c =: ClientID].id;
List<Event> EventList = [SELECT Owner.Name, Adv_ID__c, StartDateTime, Activity_Status__c, EndDateTime, Sub_Activity_Type__c, CreatedDate, ID, location from Event WHERE What.id =: CLID AND Share_Appointment_With_Client__c = true];
List<Event> NewEventList = new List<Event>();
for (Event e: EventList){
if (StartDT <= e.StartDateTime && e.StartDateTime <= EndDT){
NewEventList.add(e);
}
}
Return NewEventList;
}
}
I have developed the class, obtained and uploaded a CA signed certificate, shared the class WSDL, the partner WSDL, and the certificate keystore file with the designers of the web service. Note that I have not added their site to the list of remote sites.
But here is my problem, the designers are seeing a response from this web service wether or not they have signed the message.
So here is my question - how do I enforce the client to authenticate? I don't want to just send this response ( neweventlist ) for just anyone. Am I supposed to add more to this class?
Thanks for your help and time, I really appreciate it.
https://developer.salesforce.com/page/Making_Authenticated_Web_Service_Callouts_Using_Two-Way_SSL