通过代码(C#)使用Microsoft Dynamics CRM 2011(IFD)对用户进行身份验证
[英]Authenticate users with Microsoft Dynamics CRM 2011 (IFD) through code (C#)
问题描述
I have internet facing Dynamics CRM 2011 deployment on Rollup 17 hosted in Azure. 
我在Azure上托管的汇总17上有面向Internet的Dynamics CRM 2011部署。
The deployment was configured according to the guide provided on Microsoft website ( http://www.microsoft.com/en-us/download/details.aspx?id=41701 ). 根据Microsoft网站( http://www.microsoft.com/en-us/download/details.aspx?id=41701 )上提供的指南配置了部署。
When accessing the application the authentication through ADFS works fine and I can access it successfully. 访问应用程序时,通过ADFS的身份验证工作正常,我可以成功访问它。
I'm also trying to build a custom web application that will connect to the CRM. 我还试图构建一个将连接到CRM的自定义Web应用程序。 I've downloaded CRM 2011 SDK and tried to run the sample code found in \\SDK\\SampleCode\\CS\\QuickStart. 我已经下载了CRM 2011 SDK,并尝试运行\\ SDK \\ SampleCode \\ CS \\ QuickStart中的示例代码。 However, the authentication fails with the following error: 但是,身份验证失败并显示以下错误:
The request channel timed out while waiting for a reply after 00:00:59.9969195. 请求通道在00:00:59.9969195之后等待答复时超时。 Increase the timeout value passed to the call to Request or increase the SendTimeout value on the Binding. 增加传递给请求的调用的超时值,或者增加绑定上的SendTimeout值。 The time allotted to this operation may have been a portion of a longer timeout. 分配给该操作的时间可能是较长超时的一部分。
When going to inner exception details I can see: 当转到内部异常详细信息时,我可以看到:
The HTTP request to ' http://sts1.mydomain.com.au/adfs/services/trust/13/username ' has exceeded the allotted timeout of 00:01:00. 对“ http://sts1.mydomain.com.au/adfs/services/trust/13/username ”的HTTP请求已超过分配的超时时间00:01:00。 The time allotted to this operation may have been a portion of a longer timeout. 分配给该操作的时间可能是较长超时的一部分。
I'm trying to figure out why is it trying to access the username endpoint through HTTP. 我试图弄清楚为什么它试图通过HTTP访问用户名端点。 When I open port 80 on my ADFS server it woks fine and I can authenticate. 当我在ADFS服务器上打开端口80时,它可以正常工作并且可以进行身份验证。 However, I don't want to have port 80 open and I want all the communication to go through HTTPS!! 但是,我不想打开端口80,我希望所有通信都通过HTTPS!
I've tried all the potential solutions found by Google but to no avail. 我已经尝试了Google发现的所有潜在解决方案,但都没有成功。
Any help will be greatly appreciated. 任何帮助将不胜感激。
1 个解决方案
解决方案1
1 已采纳 2015-02-22 11:07:08
We've worked with Microsoft Support guys, and they replicated our environment in order to see what's going on. 我们已经与Microsoft支持人员合作,他们复制了我们的环境以查看发生了什么情况。 However, for them the authentication request was going to the usernamemixed endpoint which supposedly was the correct behavior as it uses HTTPS. 但是,对于他们来说,身份验证请求将转到用户名混合的终结点,这应该是正确的行为,因为它使用HTTPS。
After some testing we decided to disable the username endpoint and to our surprise, the requests started to go to the usernamemixed endpoint and it's all working fine now. 经过一些测试,我们决定禁用用户名端点,令我们惊讶的是,请求开始进入用户名混合端点,并且现在一切正常。
So, not sure why it didn't use the usernamemixed endpoint straight away as for the MS Support guys, but after disabling the username endpoint. 因此,不确定为什么不像MS支持人员那样立即使用用户名混合的终结点,而是在禁用用户名终结点之后。 The only difference I can see is that they used Windows Server 2012 R2 and we are using Windows Server 2012. 我看到的唯一区别是,他们使用的是Windows Server 2012 R2,而我们使用的是Windows Server 2012。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.