Number of Connections for Secure Conversation

Why does a service call require creating multiple connections when using message security?

Several common uses of message security require sending multiple messages, particularly on the first call for a given proxy. For example, one way to establish a security context is by making use of a token service. The client first connects to a token server to request a security token. The token server responds with a security token. Then, the client connects to the original server and passes in the security context token. These requests may be accompanied by multiple rounds of challenges that require sending additional messages. HTTP is particularly susceptible to requiring multiple connections in a scenario like this but other transports can require multiple connections as well because more than one server may need to be contacted.

The important point though is that the bulk of the work happens with the first call for a given proxy. If you open and close proxies frequently, then you'll pay this cost many times. If you reuse proxies appropriately, then you'll reduce the number of messages required and hopefully the number of connections required as well.

Next time: Metadata is Locked

Comments

• Anonymous
  August 31, 2007
  How are transactions controlled by decorating attributes on service methods? There are three important