CRM OrganizationServiceProxy身份验证问题

时间:2015-03-03 13:26:39

标签: authentication dynamics-crm-2011

我们遇到一个问题,我们的网络应用程序通过Microsoft.Xrm.Sdk OriganizationServiceProxy调用CRM无法进行身份验证。该问题似乎是特定于环境的,即调用在我们的DEV Web服务器上运行,但在应用程序升级到我们的系统测试环境时失败。失败的代码如下:

using (var serviceProxy = this.serviceFactory.Impersonate(userProvider.PrincipalUserName).ServiceProxy)
                {
                    var countResult = serviceProxy.RetrieveMultiple(new FetchExpression(query));
                    int? count = 0;

                    var entity = countResult.Entities.FirstOrDefault();
                    if (entity != null)
                    {
                        count = (int?)((AliasedValue)entity["activity_count"]).Value;
                    }

                    return count.Value;
                }

我们的日志中显示的错误是:

System.ServiceModel.Security.SecurityNegotiationException:调用者未经过服务身份验证。 ---> System.ServiceModel.FaultException:无法满足安全令牌请求,因为身份验证失败。    在System.ServiceModel.Security.SecurityUtils.ThrowIfNegotiationFault(消息消息,EndpointAddress目标)    在System.ServiceModel.Security.SspiNegotiationTokenProvider.GetNextOutgoingMessageBody(消息incomingMessage,SspiNegotiationTokenProviderState sspiState)    ---内部异常堆栈跟踪结束---

我已经仔细检查了IIS网站和CRM设置的apppool身份。这里有什么明显的我们可能错过了吗?

1 个答案:

答案 0 :(得分:0)

我发现与CRM Online的连接花费的时间最长,因此我创建了一个实例来传递OrganizationServiceProxy,并使用显式凭据轻松切换环境。

    IServiceManagement<IOrganizationService> management = ServiceConfigurationFactory.CreateManagement<IOrganizationService>(new Uri(CrmUrl));

    ClientCredentials credentials = new ClientCredentials();
    credentials.UserName.UserName = CrmUserName;
    credentials.UserName.Password = CrmPassword;

    AuthenticationCredentials authCredentials = management.Authenticate(new AuthenticationCredentials { ClientCredentials = credentials });
    SecurityTokenResponse securityTokenResponse = authCredentials.SecurityTokenResponse;

    OrganizationServiceProxy orgProxy = new OrganizationServiceProxy(management, securityTokenResponse);
    orgProxy.EnableProxyTypes();
    _xrmService = new XrmServiceContext(orgProxy)