locked
ADFS Authentication RRS feed

  • Question

  • I'm currently trying to figure out why this is failing.

    Here is how I'm building the objects to connect the organization webservice in a go between WCF service.  The deployment is IFD/ADFS

    string uname = WebConfigurationManager.AppSettings["uname"];
            string password = WebConfigurationManager.AppSettings["password"];
            //string domain = WebConfigurationManager.AppSettings["domain"];
            
            //Construct connection objects
            Uri _organizationUri = new Uri(WebConfigurationManager.AppSettings["url"]);
            Uri _homeRealmUri = null;
            ClientCredentials _credentials = new ClientCredentials();
            
            OrganizationServiceProxy _orgProxy; 
            IOrganizationService _service;
    
            IServiceConfiguration<IOrganizationService> config;
    
            //Initialize connection objects
            public void init()
            {
                _credentials.Windows.ClientCredential = new System.Net.NetworkCredential(uname, password);
    
                config = ServiceConfigurationFactory.CreateConfiguration<IOrganizationService>(_organizationUri);
    
                _orgProxy = new OrganizationServiceProxy(config, _credentials);
                //_orgProxy = new OrganizationServiceProxy(_organizationUri, _homeRealmUri, _credentials, null);
                _service = (IOrganizationService)_orgProxy;
    
            }

    Trying to do retrieve (or any other functionality via _service)

    leadEntity = _service.Retrieve("lead", leadID, new ColumnSet(true));
    gets me an error that says "The logon attempt failed!"

    Then I did some googling and found someone suggested putting in the domain like this uname@domain.  That changes the error to:

    SOAP security negotiation with 'https://myaddress/adfs/services/trust/13/kerberosmixed' for target 'https://myaddress/adfs/services/trust/13/kerberosmixed' failed. See inner exception for more details

    The inner exception says this:

    InitializeSecurityContent failed. Ensure the service principal name is correct.


    Any advice on how to fix the connection would be appreciated.

    Monday, January 6, 2014 8:37 PM

Answers

  • Hello,

    Try to use following code:

    public void init()
    {
    	_credentials.Windows.ClientCredential = System.Net.CredentialCache.DefaultNetworkCredentials;
    	_credentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
    	_credentials.UserName.UserName = uname;
    	_credentials.UserName.Password = password;
    
    	IOrganizationService service = new OrganizationServiceProxy(new Uri(_organizationUri), null, credentials, null);
    }
    


    Dynamics CRM MVP/ Technical Evangelist at SlickData LLC
    My blog

    • Marked as answer by Hoyty Tuesday, January 7, 2014 1:43 PM
    Monday, January 6, 2014 10:03 PM
    Moderator

All replies

  • This sample might help you.


    Ronald

    Monday, January 6, 2014 9:54 PM
  • Hello,

    Try to use following code:

    public void init()
    {
    	_credentials.Windows.ClientCredential = System.Net.CredentialCache.DefaultNetworkCredentials;
    	_credentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
    	_credentials.UserName.UserName = uname;
    	_credentials.UserName.Password = password;
    
    	IOrganizationService service = new OrganizationServiceProxy(new Uri(_organizationUri), null, credentials, null);
    }
    


    Dynamics CRM MVP/ Technical Evangelist at SlickData LLC
    My blog

    • Marked as answer by Hoyty Tuesday, January 7, 2014 1:43 PM
    Monday, January 6, 2014 10:03 PM
    Moderator
  • You sir, are the man!

    Thanks so much!
    Tuesday, January 7, 2014 1:44 PM