Thursday, April 26, 2012 3:19 PM
The script calls out to the discovery service using a XMLHTTP /OData URL to retrieve some information. It works fine in "normal" mode. But there is a problem if someone tries to access the Contact form in HTTPS mode.
The main form itself loads OK. But when the script runs it looks like it is getting a 404 error when it calls out to the DiscoveryService using the XMLHTTP/OData.
It doesn't look like our servers are configured for IFD (still trying to learn about that). But I am puzzled by the fact that the main Contact form is loading OK, and only the XMLHTTP request fails.
Is the XMLHTTP failure consistent with an improper IFD configuration?
(Not looking forward to IFD Configuration. It seems a bit intimidating since this is something that I've not done before!)
Thursday, April 26, 2012 6:33 PMModerator
Do you know how the code builds the URL to make the XMLHTTP call ? If it uses GetServerUrl, then it uses the one given url from the server. It sounds like GetServerUrl is returning a Url that uses HTTP, not HTTPS. That would give an error if IE is configured not to display mixed content (i.e. HTTP and HTTPS)
Is there a reason why you can't go for a simple solution, which is to configure the web site to accept only one of HTTP or HTTPS ?
Btw, is there a reaosn why the code accesses the DiscoveryService ? The only reason I can think of that client code would use the DiscoveryService is if it wanted to access a different organisation. I'd've thought you should access the OrganizationService directly
- Edited by DavidJennawayMVP, Moderator Thursday, April 26, 2012 6:33 PM
Thursday, April 26, 2012 6:47 PM
David, (Thanks for your reply!)
The URL is constructed using these two lines:
ServerUrl = location.protocol + "//" + location.host + "/" + parent.Xrm.Page.context.getOrgUniqueName();
return ServerUrl + "/XRMServices/2011/OrganizationData.svc";
So as you can see, we are using the same protocol as the Contact page.
This has some up because we have a distributed organization. Our local office is using HTTP since everything is "inside the wire". But our remote offices use a VPN to access our network and it has been decided that they should access the system using HTTPS (some of the information transmitted is of a sensitive nature) as a security measure.
Based on your question, is a site limited to one or the other protocol (HTTP or HTTPS)?
Is it simply not possible to use both?
I'm dreading having to force all user to switch to HTTPS, especially since most user access the CRM via Outlook. I think that will mean having to re-configure Outlook for all 250+ users (including the users in our remote offices!).