WCF RESTful API

I created a WCF project with one simple method that returns a pdf in a byte[] and a int (id #) and has username+password with a custom validator for message security and a SSL for transport security. Now the client tells me that he was assuming I was going to create a RESTful API instead. I don't have any experience with REST, but I've seen that you can create a REST project in WCF (which is what I'd prefer for interaction with the rest of my solution).

First, can you deliver a pdf the same way in a RESTful API? I set the int as an out parameter in order to return it to the client, can 开发者_StackOverflow社区I assume an out parameter will function the same as well?

Second, can I use the same kind of security setup? I'm assuming the SSL will still protect the transport, but I cannot seem to find a good example or tutorial on basic security. I can use a different method of security if needed.

---

REST is different than SOAP or even WCF in that you aren't using cumbersome "envelopes" unfortunately those envelopes provide you with functionality like the authentication scheme you're using (and out params, etc.)

See Best Practices for securing a REST API / web service

You can go /w basic authentication + SSL for authentication. You must encrypt basic authentication though or else it is insecure. As for the out parameter, it seems that a composite XML based result like the following is one way to go:

GET

could return XML like:

<result>
  <intValue>4</intValue>
  <pdfByteString><![CDATA[bytestring...etc.]]></pdfByteString>
</result>

It actually does look like WCF does have some built-in functionality to help you out, this white paper should provide a decent intro:

http://msdn.microsoft.com/en-us/library/ee391967.aspx#Y1720