locked
Frames break GenerateAuthenticationHeader() ? (CRM 2011) RRS feed

  • Question

  • CRM 2011:

    I am working on a CRM 4.0 to 2011 migration of a custom app & code.  In one place I imported an HTML file as a WebResource and had one of our SiteMap subareas link to it (src=$webresource:...).  The HTML has some javascript near the beginning for building a soapHeader that I had to fiddle around with to get it to work:

    var soapHeader = "" + 
    "<?xml version=\"1.0\" encoding=\"utf-8\"?>" + 
    "<soap:Envelope xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\">" + 
    this.parent.GenerateAuthenticationHeader();
    
    

    which was working fine.  A later part of the page was throwing an error, it turns out because this HTML file was not the main page, but is supposed to be one of the two frames setup by another (simpler) page. 

    So I added that HTML file ("HomePage"), pointed it to this one("ViewPage") and then re-pointed the SiteMap subArea to HomePage.  

    Now the ViewPage part is failing again, specifically with "Object doesn't support property or method 'GenerateAuthenticationHeader'" (IE developer tools).  I have tried many variations of the ".. + this.parent.GenerateAuthenticationHeader()" call, but all fail.

    At this point I am stumped.  Why would frames cause GetauthenticationHeader() to go missing?

    Any help much appreciated ...

    (FYI:, I am new to CRM and its been 10 years since I did any serious HTML/JScript programming, but I am familiar with software, programming, debugging, Microsoft products, etc...)


    -- RBarryYoung, (302)375-0451 blog: MovingSQL.com, Twitter: @RBarryYoung
    Proactive Performance Solutions, Inc.
    "Performance is our middle name."

    Please! Remember to Vote all helpful replies as Helpful
    Friday, February 3, 2012 8:27 PM

Answers

  • The Generate Authentication Header has been moved to the Xrm.Page.context object in JScript.  You can use Xrm.Page.getAuthenticationHeader()  to get the CRM 4.0 version of the header itself.  If you end up using the CRM 2011 REST End-Point then this header is not needed.

    Also, since it looks like you are hosting this "outside" of a Form in the sitemap you will need to add a reference in your HTML file to ClientGlobalContext.aspx.  You can find the relative path from with the SDK.  Typically, if you just upload the resource directly and do not specify any virtual paths, I think the path ends up being ../../ClientGlobalContext.aspx

    Jeremy

    Saturday, February 4, 2012 12:24 AM
  • The getAuthenticationHeaders() method replaces the GenerateAuthenticationHeader(), which is why it mentions it being deprecated to provide backwards compatibility withe SOAP EndPoint.  If GenerateAuthenticationHeaders() would have been carreid forward we most likely would have seen it in the SDK.  It's not clear that it was replaced but reading throught he SDK it's more inferred.

    So let me try to understand what your page actually looks like here:

    1. You have a web resource setup called "HomePage", what is the schema name of this page ( the "new_" portion)?

    2. Inside of this "HomePage" resource, you have a Frame that contains a reference to the "View Page" is that correct?

    3. When you changed the code in the Home Page to use the ClientGlobalContext and the Xrm.Page.context.getAuthenticationHeader() error, what error message did you get when tracing through?  That would be helpful to make sure that your "HomePage" actually loaded the ClientGlobalContext and that you were actually able to reference the Xrm.Page.context object.

    4. When you added your web resource to Form, did you make sure the "Cross-Frame Scripting" was enabled and not disabled?  Also, with this "ViewPage" you are not redirecting the URL of the "HomePage" correct?

    5. Would you be willing to post the actualy JScript you have setup on the HomePage.html (mainly interested in the references and functions) used and the main block of code that you are using from this child page to actually call the parent?

    Jeremy


    Jeremy Winchell Avtex http://blog.avtex.com
    Monday, February 6, 2012 4:32 PM
  • Monday, February 6, 2012 4:26 PM
    Moderator

All replies

  • (I just realized the there is a more appropriate Forum, "CRM Development" for my question, so if some kind moderator could move it there, I would much appreciate it.)
    -- RBarryYoung, (302)375-0451 blog: MovingSQL.com, Twitter: @RBarryYoung
    Proactive Performance Solutions, Inc.
    "Performance is our middle name."

    Please! Remember to Vote all helpful replies as Helpful
    Friday, February 3, 2012 8:31 PM
  • The Generate Authentication Header has been moved to the Xrm.Page.context object in JScript.  You can use Xrm.Page.getAuthenticationHeader()  to get the CRM 4.0 version of the header itself.  If you end up using the CRM 2011 REST End-Point then this header is not needed.

    Also, since it looks like you are hosting this "outside" of a Form in the sitemap you will need to add a reference in your HTML file to ClientGlobalContext.aspx.  You can find the relative path from with the SDK.  Typically, if you just upload the resource directly and do not specify any virtual paths, I think the path ends up being ../../ClientGlobalContext.aspx

    Jeremy

    Saturday, February 4, 2012 12:24 AM
  • Just bear in mind also that using authentication headers in 2011 is deprecated.
    Jamie Miley
    Check out my about.me profile!
    http://mileyja.blogspot.com
    Linked-In Profile
    Follow Me on Twitter!
    Saturday, February 4, 2012 10:43 PM
    Moderator
  • Just bear in mind also that using authentication headers in 2011 is deprecated.
    Jamie Miley
    Check out my about.me profile!
    http://mileyja.blogspot.com
    Linked-In Profile
    Follow Me on Twitter!
    What's the preferred alternative?
    -- RBarryYoung, (302)375-0451 blog: MovingSQL.com, Twitter: @RBarryYoung
    Proactive Performance Solutions, Inc.
    "Performance is our middle name."

    Please! Remember to Vote all helpful replies as Helpful
    Sunday, February 5, 2012 5:37 AM
  • You only need to use the Xrm.Page.context.getAuthenticationHeaders() method, if you keep you JScript web service calls pointed at the CRM 4.0 EndPoint.  Depending on what exactly your HTML Web Resource is trying to, the CRM 2011 REST End-Point (basic CRUD operations).  It's a lot less code than generating all of the XML.  Plus, since you can use JSON to parse the results you can work with your result set using named objects as opposed to parsing out the return XML like you had to do in the past.

    There are a lot of examples in the CRM 2011 SDK of how to use the REST End-Point with JScript.  A good example is under the SDK  /samplecode/js/restcontacteditor (may not be the exact path but should be close.  I also have an example out there http://blog.avtex.com/2012/01/24/updating-a-child-entity-using-jscript-and-the-rest-endpoint-for-crm-2011/

    Jeremy

    Sunday, February 5, 2012 4:57 PM
  • Let me answer some of the previous suggestions:

     

    Authentication Headers are Deprecated:

    I cannot find any indication of that in the documentation.  Only that Soap headers are "not preferred", which is very different from "Deprecated".

    GenerateAuthenticationHeader() was moved to Xrm.Page.context.getAuthenticationHeaders(), so use Xrm.Page.context.getAuthenticationHeaders() instead:

    According to the 2011 doc (here), it's Xrm.Page.context.getAuthenticationHeaders() that's deprecated.  I cannot find any mention that GenerateAuthenticationHeader() was either moved or deprecated.  Nonetheless, I have tried both, and the global getAuthenticationHeaders() as well.  None work.

    Add a reference to ClientGlobalContext.aspx:

    This did not change my results, nor any of the variations above (except which error message I got sometimes).

    Use the REST End-Point and JSON,  instead of CRM 4.0 End Point:

    AFAIK, the CRM 4.0 end point is supported, especially for migrations like this.  Using REST and JSON may involve writing less code from scratch, but our 4.0 code is already completely written and debugged (on 4.0).  My job is just to get it working on 2011.  Which brings me back to my original question, which we seem to have strayed from ...

     

    Why does the addition of Frames cause GenerateAuthenticationHeader() to stop working, and how can I get it to work again?

    Any help on this question would be greatly appreciated.


    -- RBarryYoung, (302)375-0451 blog: MovingSQL.com, Twitter: @RBarryYoung
    Proactive Performance Solutions, Inc.
    "Performance is our middle name."

    Please! Remember to Vote all helpful replies as Helpful
    Monday, February 6, 2012 4:08 PM
  • Monday, February 6, 2012 4:26 PM
    Moderator
  • The getAuthenticationHeaders() method replaces the GenerateAuthenticationHeader(), which is why it mentions it being deprecated to provide backwards compatibility withe SOAP EndPoint.  If GenerateAuthenticationHeaders() would have been carreid forward we most likely would have seen it in the SDK.  It's not clear that it was replaced but reading throught he SDK it's more inferred.

    So let me try to understand what your page actually looks like here:

    1. You have a web resource setup called "HomePage", what is the schema name of this page ( the "new_" portion)?

    2. Inside of this "HomePage" resource, you have a Frame that contains a reference to the "View Page" is that correct?

    3. When you changed the code in the Home Page to use the ClientGlobalContext and the Xrm.Page.context.getAuthenticationHeader() error, what error message did you get when tracing through?  That would be helpful to make sure that your "HomePage" actually loaded the ClientGlobalContext and that you were actually able to reference the Xrm.Page.context object.

    4. When you added your web resource to Form, did you make sure the "Cross-Frame Scripting" was enabled and not disabled?  Also, with this "ViewPage" you are not redirecting the URL of the "HomePage" correct?

    5. Would you be willing to post the actualy JScript you have setup on the HomePage.html (mainly interested in the references and functions) used and the main block of code that you are using from this child page to actually call the parent?

    Jeremy


    Jeremy Winchell Avtex http://blog.avtex.com
    Monday, February 6, 2012 4:32 PM
  • My guess is that they do not want to replace the jscript authentication header at all as it is a security risk and could provide impersonation from the client side without even providing a password by manipulating the callerid.

    I could be wrong on that one though, so feel free to let me know if you think I am on track.


    Jamie Miley
    Check out my about.me profile!
    http://mileyja.blogspot.com
    Linked-In Profile
    Follow Me on Twitter!

    Monday, February 6, 2012 4:37 PM
    Moderator