Reputation: 573
Authentication for Dynamics CRM 2015 (On Premise) SOAP services without ADFS
I know there are quite a few posts on trying to connect to Dynamics CRM already but I haven't found a definitive answer yet. So here goes:
Environment:
- Microsoft Dynamics 2015 On-Premise
- Java SOAP client, running outside of the Windows Domain (not sure if that's relevant)
Although quite old I think this is the most helpful blogpost that I could find about connecting to an On-Premise CRM. However it assumes that there is an ADFS server that I can talk to to get a security token based on a username/password combination. At the moment we don't have an ADFS server present here.
My question is can I use a different way of authenticating for the CRM SOAP services? Or do I have to have a ADFS server present?
Upvotes: 0
Views: 2574
Answers (1)
Reputation: 727
Without ADFS the only other option is Active Directory authentication typically set to use NTLM on the web server (see scheme here: http://www.innovation.ch/personal/ronald/ntlm.html). Typically, NTLM is handled in HTTP libraries via a proxy such as in CURL or .NET. For Java, you should be able to use the NTLM support in HttpClient (https://hc.apache.org/httpcomponents-client-ga/ntlm.html). NTLM is very chatty in terms of the back and forth described in the scheme link above. But as long as your HTTP library supports it, it should be somewhat seamless to you from a usage standpoint.
Below is an example calling the OrganizationData.svc using curl+NTLM with PHP. The process is the same for the SOAP Organization.svc. You would just include the SOAP body and the SOAPAction header such as http://schemas.microsoft.com/xrm/2011/Contracts/Services/IOrganizationService/Execute.
// The host name of the on-premises dynamics instance
$host = 'crm.mycompany.com';
$organization = 'MyCompany';
$crm_url = "http://$host/$organization/";
$username = 'username';
$password = 'password';
$url = $crm_url . 'XRMServices/2011/OrganizationData.svc/SystemUserSet';
$ch = curl_init();
$headers = array(
'Method: GET',
'Connection: keep-alive',
'User-Agent: PHP-SOAP-CURL',
'Content-Type: application/json; charset=utf-8',
'Accept: application/json',
'Host: ' . $host);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_NTLM);
curl_setopt($ch, CURLOPT_USERPWD, "$username:$password");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$response = curl_exec($ch);
curl_close($ch);
$response=json_decode($response, true);
print_r($response);
Here are a couple of options for NTLM libs for java:
Upvotes: 1
Related Questions
- How to get a SAML token from ADFS sever to pull data from dynamics CRM on-premises (non-sdk) in c#?
- OAuth config for client credentials authentication with Microsoft Dynamics CRM on-premise
- Web Service Authentication to Online Federated Dynamics CRM 2013 from Java
- Authorize WebApp to ADFS in order to access Dynamics CRM Web API
- Dynamics CRM api HttpClient Request Authentication with ADFS 3.0
- Microsoft Dynamics CRM 2013 "The user authentication failed!", ADFS kerberosmixed returns no response
- Is there a way how to authenticate into Dynamics CRM API without username/password
- Authenticate users with Microsoft Dynamics CRM 2011 (IFD) through code (C#)
- Dynamics CRM and WSDL WCF Authentication
- How to specify credentials when connecting to Dynamics CRM web service?