locked
Custom 'Central' Login Page for Hosted CRM Provider RRS feed

  • Question

  • Hello,

    We host MS CRM v4.0 for our customers in an IFD configured deployment. I'm wondering if anyone can provide some insight on the following scenario which I'd like to implement:

    I'd like to make a 'central' SignIn page for all hosted tenants (organizations).

    As you know, each tenant in an IFD configuration has a unique URL for their deployment in the form of https://[organizationName].domain.com. So, when browsing to the tenant for Org1, you’d type https://org1.domain.com into your browser and then would be redirected to the signin page at https://org1.domain.com/signin.aspx to authenticate. If you want to access hosted tenant Org2, you would browse to https://org2.domain.com and then be redirected to https://org1.domain.com/signin.aspx.

    This model works well when you know the URL of the tenant you're wanting to login to. What I want to do is handle the scenario in which the user does not know the URL of their specific tenant. I want to make a custom signin page that will be deployed to a remote server (not in the ISV folder of the CRM web site). This page would allow the user to enter their username & password and click a Sign In button. Upon clicking the Sign In button, a call to the CrmDiscoveryService would be made, executing a RetrieveOrganizationsRequest() to discover which Organizations the user belongs to. The list of Orgs would be displayed in a drop down where the user could then choose which of their tenants they'd like to login to.

    I have this part developed and it's all working well. My question is, can I programmatically create the necessary Forms Auth cookie and authenticate with the user’s selected tenant? I have been unable to find a way of doing this thru the API SDK. The best I’ve been able to come up with at this point is redirecting the user to the correct URL for their selected tenant, but they then are asked to re-enter their credentials with the signin.aspx page of their tenant. This obviously isn’t ideal.

     

    If you have any helpful information, please let me know.

     

    Thanks!

    Thursday, September 17, 2009 7:25 PM

Answers

  • Unfortunately, spoofing the authentication token is not esily done by the applicaiton.  You might be able to do soemthign via javascript and some redirection, but it owuld require some digging.
    Matt, MVP - Dynamics CRM
    Wednesday, October 28, 2009 3:26 AM