Dynamics crm 2011 Biztalk 2010、ADFS和CRM 2011内部部署
我目前正在为一个客户配置BizTalk 2010作为Dynamics CRM 2011内部部署与ADFS之间的中间件 从CRM 2011接收到BizTalk的消息完全没有问题 然而,另一方面,我将自定义绑定配置为SendPort,似乎找不到在ADFS服务上强制HTTPS和身份验证的正确设置 我可以想象,我需要发送端口中的设置来首先在ADFS上进行身份验证,然后再根据CRM 2011进行身份验证 非常感谢您提供有关此设置和配置的任何其他信息 最新发送端口信息和错误:Dynamics crm 2011 Biztalk 2010、ADFS和CRM 2011内部部署,dynamics-crm-2011,biztalk,crm,adfs,biztalk-2010,Dynamics Crm 2011,Biztalk,Crm,Adfs,Biztalk 2010,我目前正在为一个客户配置BizTalk 2010作为Dynamics CRM 2011内部部署与ADFS之间的中间件 从CRM 2011接收到BizTalk的消息完全没有问题 然而,另一方面,我将自定义绑定配置为SendPort,似乎找不到在ADFS服务上强制HTTPS和身份验证的正确设置 我可以想象,我需要发送端口中的设置来首先在ADFS上进行身份验证,然后再根据CRM 2011进行身份验证 非常感谢您提供有关此设置和配置的任何其他信息 最新发送端口信息和错误: <?xml versio
<?xml version="1.0"?>
<configuration>
<system.serviceModel>
<client>
<remove contract="BizTalk" name="WcfSendPort_Crm" />
<endpoint address="https://crmurl/XRMServices/2011/Organization.svc" behaviorConfiguration="EndpointBehavior" binding="ws2007FederationHttpBinding" bindingConfiguration="ws2007FederationHttpBinding" contract="BizTalk" name="WcfSendPort_Crm" />
</client>
<behaviors>
<endpointBehaviors>
<remove name="EndpointBehavior" />
<behavior name="EndpointBehavior">
<soapProcessing processMessages="false" />
</behavior>
</endpointBehaviors>
</behaviors>
<bindings>
<ws2007FederationHttpBinding>
<clear />
<binding name="ws2007FederationHttpBinding">
<reliableSession enabled="true" />
<security mode="TransportWithMessageCredential">
<message issuedTokenType="http://docs.oasis-open.org/wss/v1.1/wss-v1.1-spec-pr-SAMLTokenProfile-01.html">
<issuer address="https://adfsurl/STS/Active/STS.svc" binding="ws2007HttpBinding" bindingConfiguration="stsBinding">
<identity>
<dns value="STS" />
</identity>
</issuer>
<issuerMetadata address="https://adfsurl/HRGSTS/Active/HRGSTS/mex%22" />
</message>
</security>
</binding>
</ws2007FederationHttpBinding>
</bindings>
</system.serviceModel>
</configuration>
===
HTTPS将是绑定的,CustomBindingElement,allowInsecureTransport=False 对于ADF,您可能必须使用Ws2007HttpBinding或在自定义绑定中复制此设置。可能需要将authenticationMode设置为IssuedToken,对于IssuedToken参数,在Issuer地址中设置ADFS地址,绑定Ws2007HttpBinding并设置绑定配置
在这里查看此博客假设您添加的最后一个代码片段是调用STS时要使用的绑定,并且这是您添加到machine.config的位,正如我当时所做的那样-绑定名称应该是
stsBinding
而不是ws2007HttpBinding
,因为这应该与发送端口配置中issuer元素的bindingConfiguration属性。您好,Dijkgraaf,再次感谢您迄今为止的帮助。我添加了最新的sendport配置,并收到了错误。你看到我的配置中有任何错误吗?我明白你的意思,但是我不明白他在machine.config中添加了什么,他说“这意味着我现在需要在我的WCF配置中有另一组绑定配置”我在我的文章末尾再次添加了我理解应该添加的内容。看起来您的问题是您已经将bindingType和bindingConfiguration设置为ws2007FederationHttpBinding。我建议您的bindingConfiguration应该是唯一的名称。请参阅中的引用绑定。我没有时间测试解决方案,服务器直到明天或后天才可用。我仍然有另一个问题,但由于此特定部分已解决。此线程已关闭。谢谢你,尤西
A message sent to adapter "WCF-Custom" on send port "WcfSendPort_Crm" with URI "https://crmurl/XRMServices/2011/Organization.svc" is suspended.
Error details: System.InvalidOperationException: The channel is configured to use interactive initializer 'System.ServiceModel.Security.InfocardInteractiveChannelInitializer', but the channel was Opened without calling DisplayInitializationUI. Call DisplayInitializationUI before calling Open or other methods on this channel.
Server stack trace:
at System.ServiceModel.Channels.ServiceChannel.ThrowIfInitializationUINotCalled()
at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)
at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at System.ServiceModel.ICommunicationObject.Open()
at Microsoft.BizTalk.Adapter.Wcf.Runtime.WcfClient`2.GetChannel[TChannel](IBaseMessage bizTalkMessage, ChannelFactory`1& cachedFactory)
at Microsoft.BizTalk.Adapter.Wcf.Runtime.WcfClient`2.SendMessage(IBaseMessage bizTalkMessage)
MessageId: {337CB1AF-1C4A-484A-9CA6-7E0FD3396138}
InstanceID: {FBCDEE5C-8CA2-4C37-87A5-906448C14479}
<ws2007HttpBinding>
<clear />
<binding name="ws2007HttpBinding">
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None"/>
<message clientCredentialType="UserName"
establishSecurityContext="false"/>
</security>
</binding>
</ws2007HttpBinding>