3

我在我的 CRM 实例上配置了基于声明的身份验证。我正在使用自定义 STS(此处提供示例) 现在我想从一些测试应用程序访问 Web 服务。有没有人有这方面的例子?在 Windows 身份验证的情况下,我尝试使用相同的代码进行连接。但是,当然,不成功。我收到一个错误:

{“在配置的安全令牌服务上找不到身份验证端点 Kerberos!”}

这是连接代码(用于 AD 身份验证类型):

OrganizationServiceProxy orgserv;
      ClientCredentials clientCreds = new ClientCredentials();
      ClientCredentials devCreds = new ClientCredentials();


        clientCreds.Windows.ClientCredential.UserName = "user";
        clientCreds.Windows.ClientCredential.Password = "P@$$w0rd";
        clientCreds.Windows.ClientCredential.Domain = "myDomain";
        IServiceConfiguration<IOrganizationService> orgConfigInfo =
                    ServiceConfigurationFactory.CreateConfiguration<IOrganizationService>(new Uri("https://myCRMServer/myOrg/XRMServices/2011/Organization.svc"));

        using (orgserv = new OrganizationServiceProxy(orgConfigInfo, clientCreds))
        {
          orgserv.ServiceConfiguration.CurrentServiceEndpoint.Behaviors.Add(new ProxyTypesBehavior());
          orgserv.EnableProxyTypes();
          connection = orgserv;
        }

我在某处发现基于声明的身份验证足以仅发送 UPN(用户主体名称)。但同样的错误也会发生。我也尝试过使用用户名/密码组合,但没有成功。

AuthenticationCredentials authCredentials = new AuthenticationCredentials();

...

authCredentials.UserPrincipalName = "user";

...

authCredentials.ClientCredentials.UserName.UserName = _userName;
authCredentials.ClientCredentials.UserName.Password = _password;

之后的错误是:The authentication endpoint Username was not found on the configured Secure Token Service!

4

2 回答 2

3

如果您只是使用 CRM 2011 Web 服务界面,我认为声明甚至不重要。以下代码允许进行身份验证并连接到 CRM 2011 并使用 REST API

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Net;
using System.IO;

namespace CRM_REST_FromConsoleApplication
{
    internal class Program
    {
        private static void Main(string[] args)
        {
            var url = new Uri(@"https://MyServer/MyOrganiation/xrmservices/2011/organizationdata.svc/AccountSet?$select=Name&$top=10");

            HttpWebRequest request = WebRequest.Create(url) as HttpWebRequest;

            //TODO: Set Credentials Here            
            request.Credentials = new NetworkCredential("USERNAME GOES HERE", "PASSWORD GOES HERE", "myDomain");


            using (HttpWebResponse response = request.GetResponse() as HttpWebResponse)
            {
                StreamReader reader = new StreamReader(response.GetResponseStream());

                Console.WriteLine(reader.ReadToEnd());
            }

            Console.WriteLine("Press any key to continue...");
            Console.ReadKey();
        }
    }
}
于 2012-08-24T20:08:26.233 回答
1

我终于解决了这个问题。最后,我配置了 ADFS 并为我的自定义 STS 添加了中继方信任。现在这完美无缺。API 调用通过 ADFS 进行,Web 访问身份验证通过自定义 STS 进行。

于 2013-03-19T22:39:25.727 回答