Scenarios of MS Dynamics CRM 2011 Online Usage in Windows Azure Hosted Applications and Silverlight Applications with Cross Domain Access

Blog Post created by nicolekristen on Feb 13, 2018

Scenario: Direct Access from Silverlight to Dynamics CRM 2011 Online


The standard approach to our case is to host an application as a Windows Azure web site. The web site will host a Silverlight application. The Silverlight application will access a MS CRM 2011 Online and will grab a data. There is the only one weakness in this plan: CRM Online didn’t publish cross domain policy files like crossdomain.xml and clientaccesspolicy.xml. There are no tools to somehow manage this or upload the files as resources. This does mean that you are not able to connect to CRM Online using Silverlight, instead you host it within the CRM. But such scenario requires that all your visitors were registered as CRM users what is not possible for internet-facing application. Let's work around this problem.



Scenario: Access to CRM 2011 Online Organization Service from a Web Server


The approach with accessing CRM from a web server component requires some extra work. First, we need to provide a WCF RIA service for the Silverlight application. This service will wrap a call of CRM Organization service. Additionally, it could be used to increase the security of the application and restrict an API access.



For that scenario, it is required to have a Windows Identity Foundation installed on a server. As expected, there is no WIF installed in a cloud. So you need to add a reference on Microsoft.IdentityModel.dll (C:\Program Files\Reference Assemblies\Microsoft\Windows Identity Foundation\v3.5) in a project with parameter CopyLocal = true. The code for interaction with CRM uses proxy classes from SDK and entities classes generated by CrmSvcUtil.exe. Class DeviceIdManager is also available in SDK samples (sdk\samplecode\cs\helpercode):


string userName = "<windows live>";
string password = "<live password>";

ClientCredentials credentials = new ClientCredentials();
credentials.UserName.UserName = userName;
credentials.UserName.Password = password;

Uri organizationUri =
new Uri(@"");
Uri homeRealmUri = null;
Uri issuerUri = new Uri(@"");

string deviceName, devicePassword;

DeviceIdManager.PersistToFile = true;
ClientCredentials cred = DeviceIdManager.LoadDeviceCredentials(issuerUri);
deviceName = cred.UserName.UserName;
devicePassword = cred.UserName.Password;


DeviceIdManager.PersistToFile = false;
deviceName = "cvrmd6i7y6fozei5renofkmt";
devicePassword = "-r~-~pe`3ecWZ+ExW3Kb%F#Z";


ClientCredentials deviceCredentials =
DeviceIdManager.LoadOrRegisterDevice(issuerUri, deviceName, devicePassword);
OrganizationServiceProxy proxy =
new OrganizationServiceProxy(organizationUri, homeRealmUri, credentials, deviceCredentials);

Xrm.XrmServiceContext context = new Xrm.XrmServiceContext(proxy);
techart_growerapplication gapp = new techart_growerapplication();
gapp.techart_firstname = app.FirstName;
gapp.techart_FamilyName = app.LastName;
gapp.techart_SecondName = app.SecondName;
gapp.EmailAddress = app.Email;




The important notes for this code are as given below:


1. The exact URI for issuer in your case can be found in WSDL for Organization service under:
Hide Copy Code



or you can use WsdlTokenManger class demonstrated in SDK (sdk\samplecode\cs\wsdlbasedproxies\online).


2. The call of EnableProxyTypes is mandatory. You will receive an exception without it:
Hide Copy Code


The formatter threw an exception while trying to deserialize the message:
There was an error while trying to deserialize parameter
The InnerException message was 'Error in line 1 position 8997.
Element ''
contains data from a type that maps to the name 'Xrm:techart_application'.
The deserializer has no knowledge of any type that maps to this name.
Consider changing the implementation of the ResolveName method on your DataContractResolver
to return a non-null value for name 'techart_application' and namespace 'Xrm'.'.
Please see InnerException for more details.


3. Set the DeviceIdManager.PersistToFile = false and device name and password is mandatory in order to make it working on Windows Azure. Device ID will be registered in Windows Live. Windows Azure does not support storing the user or machine level files, that is why we should restrict the storing of the Device ID. As you can see, it is only required for release environment on Windows Azure.


So, this scenario will allow you to implement the required behaviour.


Scenario: Using Windows Azure Service Bus and ACS to Interact with Dynamics CRM 2011 Online


This scenario allows you to use all benefits of the Microsoft cloud platform. Dynamics CRM 2011 Online has an internal support for integration using Azure Service Bus. Commonly, you can download a certificate from CRM and use it to maintain a trusted relationships with another application through Service Bus.



So, in general, this is it. The main issues will rise as always during the implementation of the solutions. But currently, Azure provides spectacular tools which allows you to deliver a solution as quick as possible and does not worry about the hosting environment maintenance and support. Azure Service Bus could be expensive for a small company, but it is a good tool for middle size organizations. I must admit that the current implementation of the Service Bus is far from enterprise level product and you should consider other available products such as MS BizTalk On-premises, Oracle Service Bus or Tibco EAI. But I expect that in two years, it will become a real pearl for integration projects.