Tuesday, 21 June 2011

Difference between Secure / Unsecure Configuration of Plugin Registration tool in CRM 2011

As you all know the plugin registration tool in CRM 2011 contains Secure and Unsecure configuration sections as shown below.

Following are the two key differences found between these two configuration settings.



Unsecure Configuration of
Plugin Registration tool in CRM 2011
Secure Configuration of Plugin
Registration tool in CRM 2011


Unsecure configuration information could be read by any user in CRM. Remember its public information (Eg: Parameter strings to be used in plugin could be supplied here)
The Secure Configuration information could be read only by CRM Administrators.(Eg: Restricted data from normal user could be supplied here)
Imagine that you include a plugin, plugin steps and activate them in a solution. Later solution was exported as Managed Solution to another environment. In this scenario, the supplied Unsecure configuration values would be available in the new environment.

Imagine that you include a plugin, plugin steps and activate them in a solution. Later solution was exported as Managed Solution to another environment. In this scenario, the supplied Secure configuration  information would NOT be available in the new environment. The simple  reason behind this is to provide more security to the contents of Secure Configuration.


Pitfall:

Consider a scenario that you have developed a plugin and certain parameter strings are designed to supply to the plugin in such a way that it is required to run the plugin smoothly.If you supply these parameter strings under secure configuration then the plugin will work fine only for the CRM Administrators. The simple reason is secure configuration can only be read by a CRM Administrator. So if the user is not a CRM administrator then the plugin would try to read  but it would fail just because its under the secure configuration.All public information should be supplied via Unsecure configuration section. So please remember these tips when you supply the secure and unsecure configuration via Plugin Registration tool.

6 comments:

  1. Very nice post. I had problem while using Secure Configuration for few users, so i used to change the user context in plugin registration as CRM admin. Was not aware of the route cause.

    Thank you.

    ReplyDelete
    Replies
    1. Also, you could have given the privilege of reading Secure config.
      In roles, it is availabe in Customization -> Sdk Message Processing Step Secure Configuration

      Delete
  2. This comment has been removed by the author.

    ReplyDelete
  3. much helpful to understand secured/unsecured configurations.

    ReplyDelete
  4. thanks! it is very helpful..

    ReplyDelete
  5. Very Well described, nice post!

    ReplyDelete