I am working on building custom applications that interface with MSCRM through the OrganizationService, using on-premise AD auth. In the future we might switch to using ADFS with STS on premise, and I would like to ensure that I do not need to change the upstream code significantly to handle this. The CRM best practices guide mentions that the SDK has a ManagedTokenOrganizationServiceProxy class that derives from OrganizationServiceProxy and handles token management/refresh. Can this be used in lieu of the OrganizationServiceProxy class even if there is no ADFS/STS? Will the behavior downgrade to that of the OrganizationServiceProxy in the absence of an STS, and when the ADFS/STS is implemented, would the behavior upgrade to token-based authentication?
I have a facade in place so that the upstream code does not consume these concrete classes directly and uses IOrganizationService instead. I would like to understand the behavioral differences between the two, especially how the Auto Refresh token functionality works with and without an ADFS/STS behind the scenes. Can I simply use the ManagedTokenOrganizationServiceProxy currently, without ADFS/STS in place, without any gotchas?
UPDATE: The SDK has a ServerConnection class which has a GetOrganizationProxy method, which in fact uses ManagedTokenOrganizationServiceProxy if the EndpointType is set to *ActiveDirectory*.
I ended up deriving from this class and overriding GetServerConfiguration like so, since the default implementation is Console based and prompts the user for credentials, and I am looking to host this in a library:
```csharp
using System;
using System.Net;
using Microsoft.Crm.Sdk.Samples;   // ServerConnection (SDK sample helper code)
using Microsoft.Xrm.Sdk.Client;    // AuthenticationCredentials, AuthenticationProviderType

public class DerivedServerConnection : ServerConnection
{
    // Replaces the console-based default, which prompts the user for credentials.
    public override Configuration GetServerConfiguration()
    {
        string serverAddress = "<server>.<domain>.com:<port>"; // read from config file
        string orgURL = @"https:<someURL>/OrganizationService.svc"; // read from config
        Uri organizationUri = new Uri(orgURL);

        // Build the discovery endpoint with the same scheme as the organization endpoint.
        Uri discoveryUri = null;
        if (orgURL.StartsWith("https", StringComparison.OrdinalIgnoreCase))
        {
            discoveryUri = new Uri(String.Format("https://{0}/XRMServices/2011/Discovery.svc", serverAddress));
        }
        else
        {
            discoveryUri = new Uri(String.Format("http://{0}/XRMServices/2011/Discovery.svc", serverAddress));
        }

        // Integrated Windows authentication: use the identity the host process runs as.
        AuthenticationCredentials a = new AuthenticationCredentials();
        a.ClientCredentials.Windows.ClientCredential = CredentialCache.DefaultNetworkCredentials;

        Configuration config = new Configuration
        {
            ServerAddress = serverAddress,
            OrganizationUri = organizationUri,
            DiscoveryUri = discoveryUri,
            Credentials = a.ClientCredentials,
            EndpointType = AuthenticationProviderType.ActiveDirectory
        };
        return config;
    }
}
```
-Abhijeet