Martin Haagen presented on integrating Salesforce with external systems using web services. He discussed using web services for single sign-on and dynamic sharing to minimize data maintenance. Examples were shown of generating proxies from WSDLs to call .NET and PHP web services from Apex code using triggers or Visualforce. Hosting web services on the Force.com platform and security considerations like IP filtering were also covered. Demo code was provided on GitHub for outbound calls to .NET and PHP and tips discussed like avoiding callouts in loops and using mock classes for testing.

1. Integrations using Web Services
Examples with .NET & PHP
Martin Haagen, QlikTech, Systems Manager; CRM
@sehaagen

2. Safe Harbor
Safe harbor statement under the Private Securities Litigation Reform Act of 1995:
This presentation may contain forward-looking statements that involve risks, uncertainties, and assumptions. If any such uncertainties
materialize or if any of the assumptions proves incorrect, the results of salesforce.com, inc. could differ materially from the results
expressed or implied by the forward-looking statements we make. All statements other than statements of historical fact could be
deemed forward-looking, including any projections of product or service availability, subscriber growth, earnings, revenues, or other
financial items and any statements regarding strategies or plans of management for future operations, statements of belief, any
statements concerning new, planned, or upgraded services or technology developments and customer contracts or use of our services.
The risks and uncertainties referred to above include – but are not limited to – risks associated with developing and delivering new
functionality for our service, new products and services, our new business model, our past operating losses, possible fluctuations in our
operating results and rate of growth, interruptions or delays in our Web hosting, breach of our security measures, the outcome of any
litigation, risks associated with completed and any possible mergers and acquisitions, the immature market in which we operate, our
relatively limited operating history, our ability to expand, retain, and motivate our employees and manage our growth, new releases of our
service and successful customer deployment, our limited history reselling non-salesforce.com products, and utilization and selling to
larger enterprise customers. Further information on potential factors that could affect the financial results of salesforce.com, inc. is
included in our annual report on Form 10-K for the most recent fiscal year and in our quarterly report on Form 10-Q for the most recent
fiscal quarter. These documents and others containing important disclosures are available on the SEC Filings section of the Investor
Information section of our Web site.
Any unreleased services or features referenced in this or other presentations, press releases or public statements are not currently
available and may not be delivered on time or at all. Customers who purchase our services should make the purchase decisions
based upon features that are currently available. Salesforce.com, inc. assumes no obligation and does not intend to update these
forward-looking statements.

3. Martin Haagen
Systems Manager; CRM
@sehaagen

4. Introduction
Martin Haagen, QlikTech

5. What We Solved With Web Service integrations
SSO solution
▪ Expectations
• Smooth and seem less experience for users
• Minimize data maintenance for internal staff
▪ Authentication schemes: SAML, form posts, token based
▪ Automatic mappings to company for new customer / partner
▪ Easy user management for internal staff

6. What Have We Solved With Web Service integrations
Dynamic Sharing
▪ Sharing set by field values on objects or related objects
▪ Change of data can require sharing rule recalculation
▪ Process expensive on SOQL limits

7. Session Outline
Outbound Web Services
▪ Originating in Salesforce targeting PHP / .NET web services
▪ From APEX using triggers or Visual Force controllers
▪ Outbound Message using Workflows
Inbound Web Services
▪ Host your web service on the force.com platform
Security and lessons learned

8. Outbound Web Service Calls

9. WSDLs
▪ Web Service Description Language
▪ XML – Contract
▪ Salesforce provides WSDLs for the different SOAP APIs
▪ Use WSDL to generate Service / Client interfaces
▪ Custom or third party Web Services usually provides the WSDL by
adding ?wsdl to the endpoint.

10. Generate proxy from WSDL in Salesforce
Limitations to WSDL parser (wsdl2apex)
http://bit.ly/dudMQv
Not supported:
▪ RPC/Encoded Services
▪ Multiple ports / services
▪ @imports

11. Outbound – WSDL - .NET 2.0

12. Outbound – WSDL - WCF

13. Outbound - Considerations
Is @future (Callout = true) when called from triggers.
Cannot be called from Controller Constructor – use VisualForce –
”action”.
<apex:page
controller="CustomCreditStatusController"
action="{!doRedirectionNET}">

14. Governor Limits
Description
Limits
Total number of callouts in a transaction
10
Maximum timeout for all callouts in a transaction
120 seconds
Total number of methods with the @future annotation allowed per Apex
10
invocation
Maximum response data size is 3MB.

15. Outbound
Demo - .NET / C#

16. Outbound Messages

17. Outbound message from a Workflow
▪ Configure workflow with outbound message
▪ Define endpoint
▪ Use WSDL to create interfaces / proxy

18. Outbound message from a Workflow

19. .NET – Generate the interface
▪ wsdl.exe /serverInterface file.wsdl
▪ SvcUtil.exe – for MCF
▪ Codeplex – Wscfblue
http://wscfblue.codeplex.com/
▪ Use session to handle callbacks with SOAP API

20. PHP – Generate class / proxy
▪ WSDL2PHP
http://sourceforge.net/projects/wsdl2php/
▪ Use session with PHP Toolkit to handle callback

21. Demo PHP

22. Inbound Web Services

23. Web Service SOAP API
Enterprise WSDL
▪ Custom objects
▪ Generated from the structure in the current Salesforce Org
Partner WSDL
▪ Query field / object existence before use
▪ General API

24. REST API
Representational State Transfer
Short about all the available APIs - http://bit.ly/nPrXHG
Typical applications
▪ Mobile
▪ Web Applications
▪ Chatter

25. Host Web Service on force.com
Expose class methods in APEX
▪ Class needs to be defined as “global”
▪ Method needs to be declared as “webservice static”
Methods available via SOAP and REST.
Generate WSDL from Classes list.

26. Security, Gotchas and Tip & Tricks

27. Security
▪ Multi tenant platform – secure external Web Services
▪ IP Filtering
▪ Username and Passwords using Basic authentication
▪ SSL certificates

28. Gotchas and Tip & Tricks
Outbound calls
▪ Limits and triggers
• 10 outbound calls per context
• 10 @future calls per context
▪ Avoid call in loops – just like SOQL
▪ Make Web Service methods support collection of data

29. Gotchas and Tip & Tricks
Testing
▪ Test methods are aborted if containing outbound calls
▪ Use Mock classes to
• Improve test coverage
• Simulate responses from web services
• @future calls runs / completes when test.stopTest() is done

30. Gotchas and Tip & Tricks
Traffic inspection
▪ In regular web service development: fiddler2
▪ Force.com: use developer instance
Remember to add remote site settings

31. Summary
Outbound web service calls
▪ Triggers and VF pages
▪ Workflow rules
Inbound web service calls
Security considerations
Tip & Tricks
Demo code on GitHub
https://github.com/haagen/DF13_WebServices_NETPHP

32. Martin Haagen
Systems Manager; CRM,
@sehaagen

33. We want to hear
from YOU!
Please take a moment to complete our
session survey
Surveys can be found in the “My Agenda”
portion of the Dreamforce app