I'm looking for the simplest way to connect a WWSAPI client to a WCF server that satisfies a couple of requirements:
- No certificate management required.
- Is secure.
WWSAPI obviously doesn't support message level security so standard WSHttpBinding is out, so I was hoping for people more conversant with the technology would be able to offer a suggestion to the most appropriate binding/security combination(s).
Thanks!
Given the lack of answers I'll summarize my own findings after researching this over the past week:
- WWSAPI's lack of support for message level security rules out using HTTP with message level security.
- My self-imposed restriction on certificate management rules out HTTPS.
- That leaves TCP as the only secureable system supported by WWSAPI, and the easiest approach for that is transport level security (again, the only level supported by WWSAPI) with Windows authentication.
Obviously this has other limitations around firewall usage (TCP communications generally need to have ports specifically opened for them) and domain/AD usage (Windows authentication appears to require a trust level between the two Windows accounts in use), but it would definitely be the simplest way.
And for those looking for the best way, my conclusion would be to use HTTPS and work your way through handling certificates appropriately.
精彩评论