locked
Silverlight CRM "OpenThreadToken failed with hr=1008" in accessing WCF service RRS feed

  • Question

  • Hi,

    I am not able to use impersonation in silverlight and getting "OpenThreadToken failed with hr=1008"  error,its working fine in normal aspx pages but it is giving error in silverlight pages please help me

     

    Thanks in advance

    Monday, October 25, 2010 5:01 AM

Answers

  • Silverlight using different version of .net than CRM 4.0 so user context won't be pass to Silverlight application.

    I had similar problem. I have passed the User Guid from QueryString while opening Silverlight application from CRM and then used the same UserId to access CRM service in my WCF layer.

    Here is the code I used

     public class Impersonation
      {
        [STAThread]
        public static void Main(string[] args)
        {
          CrmAuthenticationToken token = new CrmAuthenticationToken();
          token.AuthenticationType = 0; // Use Active Directory authentication.
          token.OrganizationName = "AdventureWorksCycle";
    
          // Use the global user ID of the system user that is to be impersonated.
          token.CallerId = new Guid("94092D6F-B367-DC11-9C93-0003FFDFCE28");
    
          CrmService crmService = new CrmService();
          crmService.Url = "http://localhost/MSCRMServices/2007/CrmService.asmx";
          crmService.CrmAuthenticationTokenValue = token;
          crmService.Credentials = System.Net.CredentialCache.DefaultCredentials;
    
          // Create a new account owned by the impersonated user.
          account account = new account();
          account.name = "Fabrikam";
          Guid accountid = crmService.Create(account);
        }
      }
    
    

    http://msdn.microsoft.com/en-us/library/cc151052.aspx

     

     


    Jai Ho CRM http://mscrmkb.blogspot.com Skype - amol.gholap

    Mark as answer if a post has answered the question
    Monday, October 25, 2010 5:12 AM

All replies

  • 10-22-2010 9:06 AM |

     


    Hi,

    I am not able to use impersonation in silverlight and getting "OpenThreadToken failed with hr=1008"  error,its working fine in normal aspx pages but it is giving error in silverlight pages please help me

     

    Thanks in advance

    • Merged by DavidJennawayMVP, Moderator Thursday, November 4, 2010 1:59 PM Duplicate thread. Please only post the question in one forum
    Monday, October 25, 2010 4:46 AM
  • Hi,

    The CrmImpersonator only works when your web page in executed in the context of CRM. Developing ASP.NET applications for Microsoft Dynamics CRM 4.0
    (http://www.stunnware.com/crm2/topic.aspx?id=ASPNET1) should help.

    Regards

    TGB


    Microsoft Certified Business Management Solutions Specialist
    Monday, October 25, 2010 4:51 AM
  • Hi,

    I am not able to use impersonation in silverlight and getting "OpenThreadToken failed with hr=1008"  error,its working fine in normal aspx pages but it is giving error in silverlight pages please help me

     

    Thanks in advance

    • Merged by DavidJennawayMVP, Moderator Thursday, November 4, 2010 1:59 PM Duplicate thread. Please only post the question in one forum
    Monday, October 25, 2010 5:03 AM
  • Thanks for replay

     

    I have already tried this but it wasn't helped me still i am getting same error???????? 

    Monday, October 25, 2010 5:05 AM
  • Silverlight using different version of .net than CRM 4.0 so user context won't be pass to Silverlight application.

    I had similar problem. I have passed the User Guid from QueryString while opening Silverlight application from CRM and then used the same UserId to access CRM service in my WCF layer.

    Here is the code I used

     public class Impersonation
      {
        [STAThread]
        public static void Main(string[] args)
        {
          CrmAuthenticationToken token = new CrmAuthenticationToken();
          token.AuthenticationType = 0; // Use Active Directory authentication.
          token.OrganizationName = "AdventureWorksCycle";
    
          // Use the global user ID of the system user that is to be impersonated.
          token.CallerId = new Guid("94092D6F-B367-DC11-9C93-0003FFDFCE28");
    
          CrmService crmService = new CrmService();
          crmService.Url = "http://localhost/MSCRMServices/2007/CrmService.asmx";
          crmService.CrmAuthenticationTokenValue = token;
          crmService.Credentials = System.Net.CredentialCache.DefaultCredentials;
    
          // Create a new account owned by the impersonated user.
          account account = new account();
          account.name = "Fabrikam";
          Guid accountid = crmService.Create(account);
        }
      }
    
    

    http://msdn.microsoft.com/en-us/library/cc151052.aspx

     

     


    Jai Ho CRM http://mscrmkb.blogspot.com Skype - amol.gholap

    Mark as answer if a post has answered the question
    Monday, October 25, 2010 5:12 AM
  • Thanks for replay

     

    I want Impersonation for IFD.... any idea?

    Monday, October 25, 2010 5:15 AM

  • Thanks for Replay

     

    It is work in On_Premise... Will it work for IFD???????

    Monday, October 25, 2010 6:49 AM
  • Yes, It will work for IFD as well
    Jai Ho CRM http://mscrmkb.blogspot.com Skype - amol.gholap

    Mark as answer if a post has answered the question
    Monday, October 25, 2010 9:28 AM
  • Here's another solution.
     
    This page helped me resolve a problem that I was having that plagued more over multiple Dynamics CRM projects. "OpenThreadToken failed with hr = 1008"Also reference: (Microsoft.Crm.Sdk.DLL)  
    using (new CrmImpersonator())
    {
     ...
    }
    
    

    ========
    I had a WCF service that needed to communicate with Dynamics CRM in a standard way. It also needed to use the standard security modem for IFD.

    I didn't want to have the user prompted to enter credentials and I wanted to be able to secure the WCF service using the Windows security (Kerberos or NTLM).
    So, what is the solution, I looked everywhere for a fix or a work around. I could not find one after a couple of days.

    ========
    Create a seperate assembly/DLL, like the one below.
    using System;
    using System.Collections.Generic;
    using System.Linq;
    using System.Text;
    using System.Runtime.InteropServices;
    
    namespace ClassLibrary1
    {
     public static class NativeMethodCalls
     {
     [DllImport("advapi32.dll", SetLastError = true)]
     internal static extern int ImpersonateLoggedOnUser(IntPtr hToken);
    
     [return: MarshalAs(UnmanagedType.Bool)]
     [DllImport("advapi32.dll", SetLastError = true)]
     internal static extern bool RevertToSelf();
     }
     public class CrmImpersonator : IDisposable
     {
     public CrmImpersonator(IntPtr token)
     {
     int iRc = NativeMethodCalls.ImpersonateLoggedOnUser(token);
     }
     ~CrmImpersonator()
     {
     Dispose();
     }
     public void Dispose()
     {
     bool bRc = NativeMethodCalls.RevertToSelf();
     }
     }
    }
    
    
      
    ========
    Now, we have to be able to instantiate this correctly and pass the security token in from the WCF Service.
    Below, I will create the call so that you know how this is called.using System;
    using System;
    using System.Linq;
    using System.Runtime.Serialization;
    using System.ServiceModel;
    using System.ServiceModel.Activation;
    using System.ServiceModel.Web;
    
    using Microsoft.Crm.Sdk;
    using Microsoft.Crm.Sdk.Query;
    using Microsoft.Crm.SdkTypeProxy;
    using Microsoft.Win32;
    using System.Web;
    using System.Diagnostics;
    using System.Xml.Linq;
    using System.Text;
    
    using ClassLibrary1; 
    
    namespace WcfService1
    {
     [ServiceContract(Namespace = "")]
     [AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)]
     public class CRMAccess2
     {
     bool _isDevEnvironment;
     string _orgName;
     string _crmServiceUrl;
     HttpContext Context;
     HttpRequest Request;
    
     string result = string.Empty;
    
     [OperationContract]
     public string WhoAmIRequest(string organization)
     {
     // Set the Context and Request objects...
     Context = HttpContext.Current;
    
     if (HttpContext.Current == null)
     Request = null;
     else
     Request = HttpContext.Current.Request;
    
     result = string.Empty;
    
     try
     {
     this._orgName = organization;
     this._crmServiceUrl = this.BuildCrmServiceUrl();
    
     using (new CrmImpersonator3(OperationContext.Current.ServiceSecurityContext.WindowsIdentity.Token))
     {
      CrmAuthenticationToken token = this.CreateAuthenticationToken();
      CrmService crmService = this.CreateCrmService(token);
    
      WhoAmIRequest req = new WhoAmIRequest();
      WhoAmIResponse res = (WhoAmIResponse)crmService.Execute(req);
      return res.UserId.ToString();
     }
     }
     catch (Exception ex)
     {
     return "bad - " + ex.Message;
     }
     }
    
     private CrmAuthenticationToken CreateAuthenticationToken()
     {
     CrmAuthenticationToken token;
     CrmAuthenticationToken.ExtractCrmAuthenticationToken(this.Context, this._orgName);
    
     token = new CrmAuthenticationToken();
     token.AuthenticationType = AuthenticationType.AD;
     token.OrganizationName = this._orgName;
    
     return token;
     }
     }
    }
    
    

    Lastly, don't forget to sign your assembly with a strong name.

    Happy Dynamics coding!

    ..X..

     


    Wednesday, June 22, 2011 8:28 PM