Microsoft allows you to expose your Microsoft Dynamics CRM deployment to the cloud using the Internet-facing deployment (IFD) option. IFD still authenticates against Active Directory, but rather than using a Kerberos ticket, it uses forms-based authentication.
If you develop for IFD, you should use the CrmImpersonator class when instantiating your service objects. The CrmImpersonator class allows code to execute under the process credentials instead of the running thread’s identity. When a CrmImpersonator object is used within a using statement, the block of code executes under the process until the end of the using statement, at which point execution returns to running under the thread ID.
You access the CrmImpersonator class from the Microsoft Dynamics CRM SDK assemblies. The class does not exist with the WSDL references.
By implementing your code within the CrmImpersonator using block, you can use the existing authentication process and prevent the user from having to explicitly re-authenticate to your custom page. Example 3-3 provides some sample code using this technique.
Please refer to Chapter 13, for additional information regarding the CrmImpersonator class.
Example 3-3. Example using CrmImpersonator within a Using statement
using (new CrmImpersonator()) { CrmAuthenticationToken token; // Offline always requires Windows authentication if (offline == true) { token = new CrmAuthenticationToken(); token.OrganizationName = orgname; token.AuthenticationType = 0; } else { token = CrmAuthenticationToken.ExtractCrmAuthenticationToken(Context, orgname); } //Create the Service CrmService service = new CrmService(); service.Credentials = System.Net.CredentialCache.DefaultCredentials; service.CrmAuthenticationTokenValue = token; service.Url = <CrmServiceUrl>; //Pass in a valid CrmService URL // perform some action... }