Is it possible to call the AIF system services using a callcontext of another user?
I specifically need to fetch which tables a user has access to. By using the method GetAccessRights
in the UserSessionService
, I can extract which tables I have access to.
I need to call this for other users, so I tried setting the CallContext.LogonAsUser
to another user, but I get the error:
An unhandled exception of type 'System.ServiceModel.FaultException' occurred in mscorlib.dll
Additional information: Failed to logon to Microsoft Dynamics AX.
To be able to use LogonAsUser on custom services, I need to set the "Trusted intermediary users" on the inbound port. However, it doesn't seem to be possible to set this on the system services.
I'm testing this on a contoso image. I'm logged in as contoso\Administrator.
The complete code:
USSReference.UserSessionServiceClient client = new USSReference.UserSessionServiceClient();
USSReference.CallContext context = new USSReference.CallContext
{
LogonAsUser = "VishwaR"
};
USSReference.AccessControlledItemKey key = new USSReference.AccessControlledItemKey();
key.ItemType = USSReference.AccessControlledType.Table;
key.ItemName = "CUSTTABLE";
UserService.USSReference.AccessRight[] rights = client.GetAccessRights(context, new USSReference.AccessControlledItemKey[] { key });
You can create custom AIF Inbound Port and add AifUserSessionService.GetAccessRights
operation.
Here you can set Allow trusted intermediary to impersonate
.