Below is an architecture overview detailing the flow of information between a Client Application on an external network (the Internet) communicating with X++ services running on Microsoft Dynamics AX in a firewalled enterprise network. The major components and their behaviors are:
Click for larger image
The authentication process is as follows:
a. Reads the custom header from the message.
b. Extracts the SAML token from the custom header.
c. Validates the token by verifying that the signature of the token matches the signature expectedby the ADFS STS.
d. Extracts the claims from the token.
e. Creates the claims identity and principal and sets them on the security context of the message.
In order to get started using the AIF Windows Azure Service Bus Adapter you must first fulfill the following prerequisites as detailed in Microsoft Dynamics AX 2012 White Paper: Developing Mobile Apps.
After fulfilling the prerequisites above you will be able to complete the following steps to make an AX service available through the Service Bus:
These steps are summarized below, and detailed in full in Microsoft Dynamics AX 2012 White Paper: Developing Mobile Apps.
For more information on registering services and service operations, see: http://technet.microsoft.com/en-us/library/gg731906.aspx
Your X++ service is now published to IIS 7.5 and listening to messages from the Service Bus.
The article Microsoft Dynamics AX 2012 White Paper: Developing Mobile Apps details all steps necessary to create an authentication component and encrypt sensitive configuration information. The steps in that document require the downloads available below.
Sample authentication classes