Export (0) Print
Expand All
This topic has not yet been rated - Rate this topic

Security architecture for Web services [AX 2012]

Updated: September 6, 2011

Applies To: Microsoft Dynamics AX 2012 R2, Microsoft Dynamics AX 2012 Feature Pack, Microsoft Dynamics AX 2012

Application Integration Framework (AIF) supports Web services for Windows Communication Foundation (WCF). In AIF, each document is represented by a service that can be exposed from an integration port. To consume services over the Internet, you must host services on Internet Information Services (IIS). AIF uses standard WCF processing to receive and process SOAP requests. For information about how to install Web services on IIS, see Install web services on IIS.

Security in AIF is enforced through a combination of WCF, IIS, Active Directory, and role-based security in Microsoft Dynamics AX.

  1. The client calls a service method, such as the Customer.read method, and passes the entity key of the requested customer in a SOAP message.

  2. The request is received by the IIS where the AIF services are hosted. IIS retrieves the user credentials, depending on the authentication mechanism that is specified in the service configuration. IIS then tries to map the security credentials to a valid domain user. By default, Microsoft Dynamics AX configures WCF to use the basicHttpBinding binding and message security, so that the user credentials are contained in the message's SOAP header. IIS authenticates the user as a valid user in Active Directory.

  3. The request is passed to AIF, which performs additional authentication by verifying that the user meets the following criteria:

    • The user is a valid Microsoft Dynamics AX user.

    • The user has the appropriate permissions, through role-based security, to start the operation.

  4. After AIF determines that the user has access to the service, the message is processed. At run time, standard AIF security guarantees that the user has access to the data that is exposed by the service.

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft. All rights reserved.