iWay Application Adapter for Microsoft Dynamics CRM 2011 On-Premises User's Guide > Introducing the iWay Application Adapter for Microsoft Dynamics CRM 2011 On-Premises > Understanding the Microsoft Dynamics CRM Communication Model

Understanding the Microsoft Dynamics CRM Communication Model

Topics:

The iWay Application Adapter for Microsoft Dynamics 2011 CRM On-Premises communicates with MS CRM 2011 by sending requests directly to MS CRM to retrieve WSDL files for MS CRM services. Publishing WSDL files does not require user authentication.

For other operations, the adapter sends requests and receives responses using the Windows Communication Foundation (WCF) Routing Service (WCF Router). The WCF Router is a middleware application that redirects SOAP messages and adapts them to the target system.

The Windows Communication Foundation (WCF) is a runtime and a set of APIs in the .NET Framework that is used for building connected, service-oriented applications. It is designed using service oriented architecture (SOA) principles to support distributed computing where services have remote consumers.

The following diagram illustrates the high-level adapter architecture and communication model:

Several mechanisms are used to protect data. The connection channel between the user and adapter can be protected by the iSM infrastructure. The connection channel between the MS CRM system and WCF Router is protected by the HTTPS protocol. Between the WCF Router and the MS CRM system, data is encrypted according to the WS-Trust specification.

WCF Routing Service (WCF Router) Authentication

The following layers of authentication are present:

  • Between the adapter and the WCF Router.
  • Between the WCF Router and the MS CRM system.

If the HTTPS protocol is enabled, the WCF Router may require the adapter to have a client certificate in order to authenticate itself. This behavior is configured in a configuration file of the WCF Routing Service. If the WCF Routing Service is configured to validate the client certificate, the adapter must provide the certificate or the authentication will fail. If the WCF Routing Service is configured to require no client authentication (transport only security), then the adapter can leave the certificate empty.

MS CRM uses Active Directory validation on the domain and machine where MS CRM is installed. As a result, the WCF Router requires a domain, user name, and password to connect to MS CRM. The adapter passes credentials in SOAP headers. Then WCF Router reads the credentials and passes them to MS CRM. Since communication is implemented over the HTTPS protocol, user credentials are protected.