The services provided by the Application Server can be accessed from Clients (like the Smart Client) using TCP, HTTP or HTTPS network protocols. The reason for supporting multiple protocols is that each protocol has its pros and cons concerning information security, ease of configuration and performance. Table 1 gives an overview of the pros and cons of each protocol. Note that not all clients support all protocols.
Protocol |
Pro |
Con |
TCP |
Fastest protocol Simple configuration Uses self signed certificate by default. Can be configured to use a certificate signed by a trusted authority. |
No information security on data transmission, passwords transmitted in clear text Suitable only for Local area networks, does usually not pass firewalls, NAT etc. |
HTTP |
Internet enabled, passes firewalls, NAT etc Simple configuration Uses self signed certificate by default. Can be configured to use a certificate signed by a trusted authority. |
No information security on data transmission. Slower than TCP |
HTTPS |
Secure, internet enabled, passes firewalls NAT etc. easily
|
Need to have a valid certificate for your server. Needs in depth knowledge of certificates to be configured. |
Table 1: Pros and cons of different protocols
Which protocols shall be enabled or disabled is totally depending on your local situation. Table 2 lists some common situations and gives a recommendation on which protocol configurations to enable or disable.
Situation |
Recommendation |
Single computer installation |
enable TCP disable HTTP |
Installation in local area network, no firewalls or NAT between client and server, network is trusted |
enable TCP disable HTTP |
Installation on an internet faced server, clients access Application Server through internet. Ease of configuration is primary objective, security requirements are low. |
disable TCP enable HTTP d |
Installation on an internet faced server, clients access Application Server through internet or local area network Ease of configuration is primary objective, security requirements are low. |
enable TCP enable HTTP |
Installation on an internet faced server, clients access Application Server through internet. Information security is primary objective. |
disable TCP enable HTTP
|
Installation on an internet faced server, clients access Application Server through internet or through a trusted local area network Information security is primary objective. |
enable TCP enable HTTP Make sure that the used TCP port is not tunneled through your firewall. |
Table 2: Recommendation of protocols depending on the situation
The Application Server implements a service oriented architecture, therefore all the functionality of the Application Server are exposed as Services. These services are utilized by the Smart Client or other client software that wants to interact with the Application Server.
Depending on your configuration the services provided by the Application Server can be exposed via HTTP or TCP using SOAP as message format.
The Application Server is built on top of Microsoft's Windows Communication Foundation API that is meant for designing and deploying distributed applications under service-oriented architecture (SOA) implementation. Clients can consume multiple services; services can be consumed by multiple clients. (see the related Wikipedia article for a quick introduction to WCF)
A client connects to a service via a service endpoint. Each the service endpoint has an address and binding properties that specify how data will be transferred between client and Application Server when this endpoint is used (this includes the protocol, security mechanisms used etc). One service might be exposed via various end points with different bindings. Which bindings are actually available in your installation depends on the configuration of your system.
