Sign in
Microsoft.com
 
Microsoft
 
 
 

locked
Calling WCF service from Plugin fails RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi there,

    I am trying to call a WCF service from a plugin. But it fails with the exception:

    Request for the permission of type 'System.Security.Permissions.EnvironmentPermission, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

    I am running in the context of the Calling User.

    Here is the code:

    BasicHttpBinding binding = new BasicHttpBinding ();
                    EndpointAddress endPoint = new EndpointAddress(@"http://[servername]-services/CustomerService.svc");
                    ChannelFactory<ICustomerService> servicechannel = new ChannelFactory<ICustomerService>();
                    ClientCredentials loginCredentials = new ClientCredentials();
                    loginCredentials.Windows.ClientCredential = System.Net.CredentialCache.DefaultNetworkCredentials;
                    servicechannel.Endpoint.Binding = binding;
                    servicechannel.Credentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
                    var serviceProxy = servicechannel.CreateChannel(endPoint);

                    Trace("Build up request");
                    var request = new NoteRequest()
                        {
                            CustomerNumber = customerNumber,
                            ReferenceDate = refDate,
                            TypeOfNote = typeOfNote,
                            AccountNumber = accountNumber,
                            NoteDescription = description,
                            Title = title
                            
                        };
                    Trace("Call webservice Events");
                    var response = serviceProxy.SaveNote(request);
                    
                    if (!response.Result)
                    {
                        Trace("Call to webservice failed");
                        throw new Exception(response.Message);
                    }
                    else
                    {
                        Trace("Call to webservice succeeded");
                    }
                }
                catch (Exception ex)
                {
                    Trace("Exception occurred:" + ex.Message);
                    throw ex;
                }

    Friday, April 5, 2013 8:07 AM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote

    I think the main issue is your use of Credentials. One of the lines (probably System.Net.CredentialCache.DefaultNetworkCredentials ) requires the EnvironmentPermission, which is not permitted in the Sandbox.

    It will not be possible to pass the CRM user's credentials to the WCF service, as plugin code runs under the AD context of the CRM service account. You can get the calling user's CRM systemuserid, but not any AD credentials.

    So , the simple solution is to make the WCF call anonymously, if this is permitted. If not, you'll have to spend some time thinking how secure you need to access to the WCF service to be

    Microsoft CRM MVP - http://mscrmuk.blogspot.com/ http://www.excitation.co.uk

    • Marked as answer by Mark Willems Wednesday, April 10, 2013 3:13 PM
    Friday, April 5, 2013 2:47 PM
    Moderator

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi,

    Do you run your plugin in sandbox mode? Check this article to know limitations. If your are in on-premise try run the plugin out of sandbox in crm online the only option is in sandbox mode.

    Hope this helps.
    If i answered your question, please mark the response as an answer and also vote as helpful.

    Pedro Azevedo Crm Specialist 4.0\2011

    Friday, April 5, 2013 1:42 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    I think the main issue is your use of Credentials. One of the lines (probably System.Net.CredentialCache.DefaultNetworkCredentials ) requires the EnvironmentPermission, which is not permitted in the Sandbox.

    It will not be possible to pass the CRM user's credentials to the WCF service, as plugin code runs under the AD context of the CRM service account. You can get the calling user's CRM systemuserid, but not any AD credentials.

    So , the simple solution is to make the WCF call anonymously, if this is permitted. If not, you'll have to spend some time thinking how secure you need to access to the WCF service to be

    Microsoft CRM MVP - http://mscrmuk.blogspot.com/ http://www.excitation.co.uk

    • Marked as answer by Mark Willems Wednesday, April 10, 2013 3:13 PM
    Friday, April 5, 2013 2:47 PM
    Moderator