Sign Up ›
  • ITArchitect
  • NEWBIE
  • 0 Points
  • Member since 2009
  • Chatter
    Feed
  • 0
    Best Answers
  • 1
    Likes Received
  • 0
    Likes Given
  • 1
    Questions
  • 0
    Replies
1 replies

Validate User Session Id in APEX Webservice

We have tight integration between Salesforce and a custom built .NET web appication.  We have one security requirement where I need to call from Salesforce a web service that is hosted on our internal web application.  As part of this call I need to pass the SessionId and UserId of the Salesforce user.  The service will then need to make a call back to Salesforce to validate the session id is active for the specified user before it will perform the requested action.  If the session id is not valid the service would simply return an error code.

 

I am open to any suggestions, but my first thought was to create an APEX class with a Webservice method that will allow an inbount call with the session id and user id and the service will return true or false depending if they are valid. 

 

webService static Boolean validateSessionId(String strUserName, Id idSession)

 

However, I am not sure what code is necessary to be able to determine if the session id and user id are valid.  Please let me know if anybody has thoughts on this.

 

I basically just need code to validate that a given session id and user id is currently active and valid.

 

Thanks for your help

 

 

1 replies

Validate User Session Id in APEX Webservice

We have tight integration between Salesforce and a custom built .NET web appication.  We have one security requirement where I need to call from Salesforce a web service that is hosted on our internal web application.  As part of this call I need to pass the SessionId and UserId of the Salesforce user.  The service will then need to make a call back to Salesforce to validate the session id is active for the specified user before it will perform the requested action.  If the session id is not valid the service would simply return an error code.

 

I am open to any suggestions, but my first thought was to create an APEX class with a Webservice method that will allow an inbount call with the session id and user id and the service will return true or false depending if they are valid. 

 

webService static Boolean validateSessionId(String strUserName, Id idSession)

 

However, I am not sure what code is necessary to be able to determine if the session id and user id are valid.  Please let me know if anybody has thoughts on this.

 

I basically just need code to validate that a given session id and user id is currently active and valid.

 

Thanks for your help