我们最近将Dynamics CRM配置为使用ADFS进行IFD。我们正在尝试从.Net 3.5连接到它,因此我们无法使用CRM SDK。下面是我们在配置IFD之前使用的代码,它工作正常。
HttpsTransportBindingElement httpTransport = new HttpsTransportBindingElement();
httpTransport.AuthenticationScheme = System.Net.AuthenticationSchemes.Ntlm;
httpTransport.HostNameComparisonMode = HostNameComparisonMode.StrongWildcard;
httpTransport.MaxReceivedMessageSize = 1024 * 1024 * 1024;
SecurityBindingElement securityElement = SecurityBindingElement.CreateSspiNegotiationBindingElement(true);
TextMessageEncodingBindingElement textMessageEncoding = new TextMessageEncodingBindingElement();
textMessageEncoding.MaxReadPoolSize = 64;
textMessageEncoding.MaxWritePoolSize = 16;
textMessageEncoding.WriteEncoding = Encoding.UTF8;
CustomBinding customBinding = new CustomBinding(securityElement, textMessageEncoding, httpTransport);
customBinding.OpenTimeout = new TimeSpan(0, 0, 120);
customBinding.ReceiveTimeout = new TimeSpan(0, 0, 120);
customBinding.SendTimeout = new TimeSpan(0, 0, 120);
string remoteAddress = String.Empty;
remoteAddress = "https://" + ServiceUri + "/OrgName/XrmServices/2011/Organization.svc";
ChannelFactory<IOrganizationService> factory = new ChannelFactory<IOrganizationService>(customBinding, remoteAddress);
ClientCredentials loginCredentials = factory.Endpoint.Behaviors.Find<ClientCredentials>();
factory.Endpoint.Behaviors.Remove(loginCredentials);
// step two - instantiate your credentials
loginCredentials = new ClientCredentials();
loginCredentials.Windows.ClientCredential = new System.Net.NetworkCredential(UserName, Password, Domain);
factory.Endpoint.Behaviors.Add(loginCredentials);
IEnumerable<OperationDescription> operations = factory.Endpoint.Contract.Operations;
foreach (OperationDescription operation in operations)
{
DataContractSerializerOperationBehavior dcsob = operation.Behaviors.Find<DataContractSerializerOperationBehavior>();
if (dcsob == null)
{
dcsob = new DataContractSerializerOperationBehavior(operation);
}
operation.Behaviors.Remove(dcsob);
dcsob.MaxItemsInObjectGraph = 1012 * 1024 * 1024;
operation.Behaviors.Add(dcsob);
}
_orgProxy = factory.CreateChannel();
现在,当我们尝试使用此代码连接到CRM时,它会返回以下错误:
</StackTrace><ExceptionString>System.ServiceModel.Security.MessageSecurityException: Security processor was unable to find a security header in the message. This might be because the message is an unsecured fault or because there is a binding mismatch between the communicating parties. This can occur if the service is configured for security and the client is not using security.</ExceptionString></Exception></TraceRecord>
我的问题是我需要哪些额外的安全标头,以及如何修改绑定以包含它们?
答案 0 :(得分:0)
消息显示该服务已配置为安全性,而客户端未使用安全性。 要自动生成客户端配置,可以使用“添加服务引用”选项,或使用SvcUtil.exe生成代理类。