Menu
I'm trying to implement a pure WCF scenario where I want to call Dynamics CRM WCF service without relying on the SDK helper classes. Basically, I would like to implement federated authentication against Dynamics CRM 2011 using only native WCF support from the .net framework.
The reason I'm doing this is that I would like to port this scenario later-on to BizTalk.
I've successfully generated proxy classes with SvcUtil, but the part of the policies and security assertions are not compatible with the configuration schema. SvcUtil suggests to build the binding from code instead, which is what I'm trying to do.
The resulting code is here:
private static void CallWcf()
{
OrganizationServiceClient client = null;
try
{
// Login Live.com Issuer Binding
var wsHttpBinding = new WSHttpBinding();
wsHttpBinding.Security = new WSHttpSecurity();
wsHttpBinding.Security.Mode = SecurityMode.Transport;
// Endpoint Binding Elements
var securityElement = new TransportSecurityBindingElement();
securityElement.DefaultAlgorithmSuite = SecurityAlgorithmSuite.TripleDes;
securityElement.IncludeTimestamp = true;
securityElement.KeyEntropyMode = SecurityKeyEntropyMode.CombinedEntropy;
securityElement.MessageSecurityVersion = MessageSecurityVersion.WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10;
securityElement.SecurityHeaderLayout = SecurityHeaderLayout.Strict;
var securityTokenParameters = new IssuedSecurityTokenParameters();
securityTokenParameters.InclusionMode = SecurityTokenInclusionMode.AlwaysToRecipient;
securityTokenParameters.ReferenceStyle = SecurityTokenReferenceStyle.Internal;
securityTokenParameters.RequireDerivedKeys = false;
securityTokenParameters.TokenType = null;
securityTokenParameters.KeyType = SecurityKeyType.SymmetricKey;
securityTokenParameters.KeySize = 192;
securityTokenParameters.IssuerAddress = new EndpointAddress("https://login.live.com/extSTS.srf");
securityTokenParameters.IssuerMetadataAddress = null;
securityTokenParameters.DefaultMessageSecurityVersion = null;
securityTokenParameters.IssuerBinding = wsHttpBinding;
securityElement.EndpointSupportingTokenParameters.Signed.Add(securityTokenParameters);
var textMessageEncodingElement = new TextMessageEncodingBindingElement();
textMessageEncodingElement.MaxReadPoolSize = 64;
textMessageEncodingElement.MaxWritePoolSize = 16;
textMessageEncodingElement.MessageVersion = MessageVersion.Default;
textMessageEncodingElement.WriteEncoding = System.Text.Encoding.UTF8;
textMessageEncodingElement.ReaderQuotas.MaxStringContentLength = 8192;
textMessageEncodingElement.ReaderQuotas.MaxArrayLength = 16384;
textMessageEncodingElement.ReaderQuotas.MaxBytesPerRead = 4096;
textMessageEncodingElement.ReaderQuotas.MaxNameTableCharCount = 16384;
var httpsTransportElement = new HttpsTransportBindingElement();
httpsTransportElement.ManualAddressing = false;
httpsTransportElement.AuthenticationScheme = System.Net.AuthenticationSchemes.Anonymous;
CustomBinding binding = new CustomBinding();
binding.Elements.Add(securityElement);
binding.Elements.Add(textMessageEncodingElement);
binding.Elements.Add(httpsTransportElement);
client = new OrganizationServiceClient(binding, new EndpointAddress(EndpointUri));
client.ClientCredentials.UserName.UserName = Username;
client.ClientCredentials.UserName.Password = Password;
client.Open();
var columnSet = new schemas.microsoft.com.xrm._2011.Contracts.ColumnSet();
var identifier = new Guid("fbf8240e-2c85-e011-ad55-1cc1de0878eb");
columnSet.Columns = new string[] { "name" };
var entity = client.Retrieve("account", identifier, columnSet);
}
finally
{
if (client != null)
client.Close();
}
}
I'm new to federated authentication and am having a hard time figuring out the potential differences between the many available bindings, so I would be grateful for any help in this regard.
589
While early binding provides compile-time checking of all types so that no implicit casts occur, late binding checks types only when the object is created or an action is performed on the type. The Entity class requires types to be explicitly specified to prevent implicit casts.
If you want to share some information between multiple plugin, you can create entity to hold such information and read in different plugins (plugins not running in same transaction).
The CRM platform throws an error stating that it has identified an infinite loop. This usually happens after the number of iterations reaches a maximum of 8. We can fix this by adding a depth check at the start of our plugin code, just after we initialize each of the service objects.
It is probably possible, but hugely complicated. We had a project using Dynamics which moved to ADFS, and required adding lots of extra code around refreshing tokens (code form autorefreshsecuritytoken.cs, deviceidmanager.cs and toolserviceproxies.cs from the SDK) and that was still using the SDK for everything.
Bare in mind you also need windows.identification installed in the OS which is another load of functionality to copy.
In the end you can always just use JustDecompile or similar to see what the SDK is doing.
195
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
