I am trying to use Microsoft Dynamics CRM Online where Windows Azure hosts a custom webpage that is displayed in an IFRAME of the Microsoft Dynamics CRM web application.
I have read http://msdn.microsoft.com/en-us/library/gg509061 (Microsoft Dynamics CRM Online with a Windows Azure Hosted Webpage) and also followed the instructions on http://social.technet.microsoft.com/wiki/contents/articles/2590.aspx (Secure Windows Azure Web Role ASP.NET Web Application Using Access Control Service v2.0)
I now have a Windows Azure Webpage that displays a Windows Live Id screen to log in.
The problem is that when I place this into an IFrame in Dynamics, I get the following:
This content cannot be displayed in a frame To help protect the security of information you enter into this website, the publisher of this content does not allow it to be displayed in a frame.
This is due to the HTTP header of "X-Frame-Options:deny" served by the Windows Live Id login preventing Internet Explorer from displaying the page in a frame. This even happens when I am already logged into Windows Live Id and the webpage tries to authenticate me.
So how is this meant to work, as the first Microsoft page implies it can be done with "Microsoft Dynamics CRM Online with a Windows Azure Hosted Webpage" and optionally displayed in an IFRAME?
This post suggests a workaround implemented by opening the sign-in page in a new window. That can be accomplished through standard window.open(...), but if your users are going to use the Outlook client, you'll have to jump through some extra hoops since the embedded browser does not share session data with the user's default browser. (A workaround for that is to use Xrm.Utility.openWebResource(...) instead, with a custom HTML page that redirects to the intended page.)
来源:https://stackoverflow.com/questions/12081455/microsoft-dynamics-crm-online-with-a-windows-azure-hosted-webpage-iframe-x-f