英文:
Accessing non-Azure Web API (hosted in IIS locally) from Dynamics 365 plugin
问题
Here's the translated content:
早上好,各位,
我正在尝试从 Dynamics 365 插件中拉取数据,该数据来自在 IIS 中本地托管的 Web API。我设置了 Web API 使用"单独用户帐户"并使其公开可用。在 Postman 中测试时,这部分工作正常,因为我可以正常获取令牌,然后将该令牌用于查询。
我的想法是,在插件中使用 HttpWebRequest 请求一个令牌,然后将该令牌用于以后的查询。
我的问题是,当我尝试在插件注册工具中运行代码时,我根本无法从 Dynamics 365 插件中调用该 Web API,因为我在此时遇到了安全错误。以下是我对此主题的研究结果。
1.) 我无法访问该 Web API,因为我尚未在"Microsoft Azure Web App"中注册它。关于这一点,我的问题是,既然我们没有计划使用 Azure(我也不确定它是否符合此项目的安全规范),"我是否必须在 Azure 中注册它?"
以下引用来自 MSDN 关于插件中的 web 服务调用的主题。我不确定我在设置中漏掉了什么或违反了什么规定。
网络访问
沙盒插件和自定义工作流活动可以通过 HTTP 和 HTTPS 协议访问网络。此功能支持访问流行的网络资源,如社交网站、新闻源、Web 服务等。以下是此沙盒功能的网络访问限制。
仅允许使用 HTTP 和 HTTPS 协议。
不允许访问 localhost(回环)。
不能使用 IP 地址。必须使用需要 DNS 名称解析的命名 Web 地址。
支持匿名身份验证,也建议使用。不提供提示已登录用户的凭据或保存这些凭据的方法。
2.) 我发现很多人说插件注册工具将始终引发安全错误,因为我的插件是沙盒化的。是否每个人都只是使用跟踪日志来调试这个问题?
3.) 我一直在研究使用 Dynamics 365 Web Hooks,但我需要此插件在"RetrieveMultiple"事件上执行。这是我可以使用 D365 Web Hooks 做的吗?
非常感谢大家的帮助。祝大家有个美好的一天。
英文:
Good morning everyone,
I am attempting to pull data from a locally-hosted (in IIS) Web API from a Dynamics 365 plugin. I set up the Web API to use "Individual User Accounts" and made it publicly available. That is working correctly in Postman when I test it as I can get the token fine, then use that token for queries.
My thought was that in the plugin I would request a token using an HttpWebRequest and then use that token for future queries.
My problem is that I cannot call that Web API from a Dynamics 365 plugin at all as I get a security error when I attempt to run the code in the Plugin Registration Tool. Here is what my research has yielded on the topic.
1.) I cannot access the Web API because I have not registered it in/as a "Microsoft Azure Web App." My question on this would be that since we were not planning on using Azure (and I am not sure it fits the safety specifications of this project) "do I have to register it with Azure?"
This quote below is from MSDN on the topic of web service calls in plugins. I'm not sure what I'm missing/violating in my setup.
>Web access
>>Sandboxed plug-ins and custom workflow activities can access the network through the HTTP and HTTPS protocols. This capability provides support for accessing popular web resources like social sites, news feeds, web services, and more. The following web access restrictions apply to this sandbox capability.
>>Only the HTTP and HTTPS protocols are allowed.
>>Access to localhost (loopback) is not permitted.
>>IP addresses cannot be used. You must use a named web address that requires DNS name resolution.
>>Anonymous authentication is supported and recommended. There is no provision for prompting the logged on user for credentials or saving those credentials.
2.) I have found a lot of people saying that the Plugin Registration Tool will always throw a security error due to my plugin being sandboxed. Does everyone just use trace logs for debugging this?
3.) I have been researching the use of Dynamics 365 Web Hooks but I need this plugin to execute on the "RetrieveMultiple" Event. Is that something I can do with D365 Web Hooks?
Thank you all so much for your help. Have a great day.
答案1
得分: 0
你的网络服务应该有一个可以公开访问的https-URL,这样Dynamics 365就可以从任何地方访问它。你应该通过登录机制来保护你的网络服务。
在测试、安全性和配置建议方面,你不应该在插件代码中添加URL、用户名和密码,而是应该将其配置在CRM记录中。这样,你可以在不同的网络服务实例上进行开发和测试,而在部署之前,你的生产实例连接到正确的网络服务,而不需要修改代码。
英文:
Your webservice should have a public accessible https-URL, so dynamics 365 can access it from anywhere. You should secure your webservice by a login mechanismn.
As testing, security and configuration advice you should not add url, username and password in your plugin code, instead make it configurable in a crm record. So you can develop and test on a different webservice instance and your production instance connects to the right webservice without changing the code before deployment.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论