Search code examples
c#dynamics-ax-2012aifdynamics-ax-2012-r3

AX 2012 R3 AIF System Services Callcontext of another user


Is it possible to call the AIF system services using a callcontext of another user? I specifically need to fetch which tables a user has access to. By using the method GetAccessRights in the UserSessionService, I can extract which tables I have access to. I need to call this for other users, so I tried setting the CallContext.LogonAsUser to another user, but I get the error:

An unhandled exception of type 'System.ServiceModel.FaultException' occurred in mscorlib.dll

Additional information: Failed to logon to Microsoft Dynamics AX.

To be able to use LogonAsUser on custom services, I need to set the "Trusted intermediary users" on the inbound port. However, it doesn't seem to be possible to set this on the system services.

I'm testing this on a contoso image. I'm logged in as contoso\Administrator.

The complete code:

USSReference.UserSessionServiceClient client = new USSReference.UserSessionServiceClient();

USSReference.CallContext context = new USSReference.CallContext
{
    LogonAsUser = "VishwaR"
};

USSReference.AccessControlledItemKey key = new USSReference.AccessControlledItemKey();
key.ItemType = USSReference.AccessControlledType.Table;
key.ItemName = "CUSTTABLE";

UserService.USSReference.AccessRight[] rights = client.GetAccessRights(context, new USSReference.AccessControlledItemKey[] { key });

Solution

  • You can create custom AIF Inbound Port and add AifUserSessionService.GetAccessRights operation. Here you can set Allow trusted intermediary to impersonate.

    Custom AIF service operation