Microsoft Dynamics CRM SOAP &;证书被阻止.&;使用Windows Live ID进行身份验

本文关键字:ID Live Windows 使用 身份 CRM Dynamics SOAP 证书 Microsoft | 更新日期: 2023-09-27 18:09:58

嗨,我正在使用c#中的SOAP在线连接动态以添加自定义实体。使用的登录类型是windows活动帐户。

当我尝试连接到服务器atm时,我遇到了一个奇怪的错误,它似乎刚刚开始,几乎没有解释。

当我尝试使用windows live进行身份验证时,我得到一个xml响应[张贴在结束],其中包含一个错误,说"凭据被阻止。"然而,当我尝试连接一个假的用户名,我知道是无效的,我得到"输入和存储的密码不匹配。"

我已经检查了我的xml响应,我的设备注册很好。它只是验证位。

是否有可能crm以某种方式阻止了此登录(它仍然可以用于登录crm本身,只是不能使用此soap登录)?

是否有一种方法白名单的用户名?

这是我发送的xml获取安全令牌:

<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
                xmlns:a="http://www.w3.org/2005/08/addressing"
                xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
                  <s:Header>
                    <a:Action s:mustUnderstand="1">
                    http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</a:Action>
                    <a:MessageID>
                    urn:uuid:88dea52e-97a3-4222-82cd-3c4cde5e3e2f</a:MessageID>
                    <a:ReplyTo>
                      <a:Address>
                      http://www.w3.org/2005/08/addressing/anonymous</a:Address>
                    </a:ReplyTo>
                    <VsDebuggerCausalityData xmlns="http://schemas.microsoft.com/vstudio/diagnostics/servicemodelsink">
                    uIDPozBEz+P/wJdOhoN2XNauvYcAAAAAK0Y6fOjvMEqbgs9ivCmFPaZlxcAnCJ1GiX+Rpi09nSYACQAA</VsDebuggerCausalityData>
                    <a:To s:mustUnderstand="1">
                    https://login.live.com/extSTS.srf</a:To>
                    <o:Security s:mustUnderstand="1"
                    xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
                      <u:Timestamp u:Id="_0">
                        <u:Created>2013-04-19T12:41:25.256Z</u:Created>
                        <u:Expires>2013-04-19T12:46:25.256Z</u:Expires>
                      </u:Timestamp>
                      <o:UsernameToken u:Id="user">
                        <o:Username>==USERNAME REMOVED FOR POST==</o:Username>
                        <o:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">
                        ==PASSWORD REMOVED FOR POST==</o:Password>
                      </o:UsernameToken>
                      <wsse:BinarySecurityToken ValueType="urn:liveid:device"
                      xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
                        <EncryptedData Id="BinaryDAToken0"
                        Type="http://www.w3.org/2001/04/xmlenc#Element"
                        xmlns="http://www.w3.org/2001/04/xmlenc#">
                          <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc">
                          </EncryptionMethod>
                          <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                            <ds:KeyName>http://Passport.NET/STS</ds:KeyName>
                          </ds:KeyInfo>
                          <CipherData>
                            <CipherValue>
                                ==LONG CYPHER VALUE REMOVED FOR POST==
                            </CipherValue>
                          </CipherData>
                        </EncryptedData>
                      </wsse:BinarySecurityToken>
                    </o:Security>
                  </s:Header>
                  <s:Body>
                    <t:RequestSecurityToken xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">
                      <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
                        <a:EndpointReference>
                          <a:Address>urn:crmemea:dynamics.com</a:Address>
                        </a:EndpointReference>
                      </wsp:AppliesTo>
                      <wsp:PolicyReference URI="MBI_FED_SSL"
                      xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" />
                      <t:RequestType>
                      http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</t:RequestType>
                    </t:RequestSecurityToken>
                  </s:Body>
                </s:Envelope>

这是我得到的响应:

<?xml version="1.0" encoding="utf-8" ?>
<S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust" xmlns:psf="http://schemas.microsoft.com/Passport/SoapServices/SOAPFault">
<S:Body>
<S:Fault>
<S:Code>
<S:Value>
S:Sender</S:Value>
<S:Subcode>
<S:Value>
wst:FailedAuthentication</S:Value>
</S:Subcode>
</S:Code>
<S:Reason>
<S:Text xml:lang="en-US">
Authentication Failure</S:Text>
</S:Reason>
<S:Detail>
<psf:error>
<psf:value>
0x80048823</psf:value>
<psf:internalerror>
<psf:code>
0x80041010</psf:code>
<psf:text>
The credential is blocked.&#x000D;&#x000A;</psf:text>
</psf:internalerror>
</psf:error>
</S:Detail>
</S:Fault>
</S:Body>
</S:Envelope>

Microsoft Dynamics CRM SOAP &;证书被阻止.&;使用Windows Live ID进行身份验

当我在c#代码中去掉换行符时,我的问题就解决了:和我猜XML可能在那里放了一个新的行字符。

我还删除了标签:"uIDPozBEz + P/wJdOhoN2XNauvYcAAAAAK0Y6fOjvMEqbgs9ivCmFPaZlxcAnCJ1GiX + Rpi09nSYACQAA"因为它不需要,(可能已经打破了它,但我怀疑它)