locked
Storing Configuration Data for Microsoft Dynamics CRM Plug-ins RRS feed

  • Question

  • Hi,

      can any one explain what is the use of "Secure configuration" and "Unsecure configuration" in Plug in registration in crm 4.0 version. And how the registration will be taken process. Please help me out from this position.

    • Moved by JOshiro Thursday, January 20, 2011 6:45 PM question re: MS Dynamics CRM (From:Windows Live Messenger Connect)
    Thursday, January 20, 2011 6:42 AM

Answers

  • Ok, I believe I'm right about the nature of encryption on the Secure Configuration data (I knew I had read it somewhere ).  From these two sites:

    http://mscrm4humans.wordpress.com/2010/04/26/crmplugin-registration-tool/

    http://www.mercureintegration.com/blog/category/Development.aspx

    The following declaration is made:  "SecureConfiguration (SdkMessageProcessingStepSecureConfig): Only System Admins have access to PrvRead on this entity. So information stored in this field is secure by CRM security model. (Note: CRM does not encrypt the data in this field)"


    Dave Berry - MVP Dynamics CRM - http:\\crmentropy.blogspot.com Please follow the forum guidelines when inquiring of the dedicated CRM community for assistance.


    Confirmed; the Secure Configuration is stored in the database in plain text.  However, it is stored in a separate table from the Unsecure Configuration (which is stored along with the rest of the Plugin Step registration information).

    I'm guessing that the table in which the Secure Config is stored is not copied to an Offline client.


    --pogo (pat)
    Friday, January 21, 2011 1:01 AM

All replies

  • They are a supported mechanism to pass configuration data to a plugin.  Because the recommended storage mechanism for plugins is in the CRM database, it is not possible for a plugin to access configuration files etc as other applications/assemblies can.

    'Secure configuration' should be used to store sensitive information such as usernames and passwords.

    I'm not sure what you mean by "how the registration will be taken process".

    Have a read through the CRM SDK documentation on Plug-in Development.


    --pogo (pat)
    Thursday, January 20, 2011 11:05 PM
  • Both configuration "fields" are open to your own interpretation regarding the data and mechanism you use to interpret it.  Most people find that using XML is easiest, but there is no limitation or requirement.  The "Secure" configuration field, I believe is treated differently by the platform when it comes to caching the information within it, but again the information you store in it, and how you make it secure is up to you.  It is my understanding that CRM does not encrypt or decrypt its contents, and those routines would need to be built into your Plug-in code.  I've seen people use licensing mechanisms where an encrypted "key" is provided to the "Secure Configuration" field, which is then interpreted by the Plug-in's constructor to validate the key and unlock functionality of the Plug-in; whereas the "Unsecure Configuration" field is used to supply XML that defines parameters of the Plug-in's functionality.  Again, this is all up to interpretation by the developer.
    Dave Berry - MVP Dynamics CRM - http:\\crmentropy.blogspot.com Please follow the forum guidelines when inquiring of the dedicated CRM community for assistance.
    Thursday, January 20, 2011 11:23 PM
    Moderator
  • I actually might be wrong about my understanding about the secure configuration data.  This thread suggests that it is encrypted in the database .  However, I'm struggling to find any other proof of that declaration (I don't use secure configs myself, so I really haven't bothered to check).  Additional information can be found in these locations:

    http://blogs.msdn.com/b/crm/archive/2008/10/24/storing-configuration-data-for-microsoft-dynamics-crm-plug-ins.aspx

    http://mscrm-developer.blogspot.com/2010/06/writing-plug-in-constructor.html


    Dave Berry - MVP Dynamics CRM - http:\\crmentropy.blogspot.com Please follow the forum guidelines when inquiring of the dedicated CRM community for assistance.
    Thursday, January 20, 2011 11:32 PM
    Moderator
  • Ok, I believe I'm right about the nature of encryption on the Secure Configuration data (I knew I had read it somewhere ).  From these two sites:

    http://mscrm4humans.wordpress.com/2010/04/26/crmplugin-registration-tool/

    http://www.mercureintegration.com/blog/category/Development.aspx

    The following declaration is made:  "SecureConfiguration (SdkMessageProcessingStepSecureConfig): Only System Admins have access to PrvRead on this entity. So information stored in this field is secure by CRM security model. (Note: CRM does not encrypt the data in this field)"


    Dave Berry - MVP Dynamics CRM - http:\\crmentropy.blogspot.com Please follow the forum guidelines when inquiring of the dedicated CRM community for assistance.
    Thursday, January 20, 2011 11:37 PM
    Moderator
  • :o)  This thread made me run off and do a bit more reading too!

    I don't think we've yet mentioned that the Secure Configuration string is not passed to an offline client plugin.  I saw one reference that indicate that this is to prevent "secure" information from being distributed to clients, but could find nothing official to support this being its reason for existence.


    --pogo (pat)
    Friday, January 21, 2011 12:46 AM
  • Ok, I believe I'm right about the nature of encryption on the Secure Configuration data (I knew I had read it somewhere ).  From these two sites:

    http://mscrm4humans.wordpress.com/2010/04/26/crmplugin-registration-tool/

    http://www.mercureintegration.com/blog/category/Development.aspx

    The following declaration is made:  "SecureConfiguration (SdkMessageProcessingStepSecureConfig): Only System Admins have access to PrvRead on this entity. So information stored in this field is secure by CRM security model. (Note: CRM does not encrypt the data in this field)"


    Dave Berry - MVP Dynamics CRM - http:\\crmentropy.blogspot.com Please follow the forum guidelines when inquiring of the dedicated CRM community for assistance.


    Confirmed; the Secure Configuration is stored in the database in plain text.  However, it is stored in a separate table from the Unsecure Configuration (which is stored along with the rest of the Plugin Step registration information).

    I'm guessing that the table in which the Secure Config is stored is not copied to an Offline client.


    --pogo (pat)
    Friday, January 21, 2011 1:01 AM
  • Thank you very much for your answer. I have another doubt , when ever I use a dynamic WCF service then how could it be changed in the code. Can you explain me
    Friday, January 21, 2011 10:37 AM
  • Unsecure Configuration: Passed as a first parameter to a plugin’s constructor when it has 1 or 2 string input parameters. This configuration value is downloaded to the user’s computer when they go offline making it Unsecure.

    Secure Configuration: Passed as second parameter to the plugin’s constructor when it has to 2 string input parameter . The configuration value is NOT downloaded to User’s Computer when they go Offline


    Sanjay
    Thursday, May 19, 2011 7:07 PM