I am confused... How can MS release two versions of Silverlight without having proper support for WCF bindings? Should they not support wsHTTP binding at least? So the service can have proper Message-level security? (i.e. certificates etc...)
With a basicHTTP binding, looks like the only two options to secure the service are...
Am I missing something?
Silverlight is a UI technology and it is normal for a Silverlight page to talk back to a single server that contains all the middle tier logic. Therefore I consider it reasonable that WCF is limited to basicHTTP binding over HTTPS. As I understand it, the more complex WCF bindings were designed to be used between servers in data centres.
Normally I would expect both the backend and the front-end of a Silverlight page to be designed and coded together. I would expect 3rd party systems to be access by the middle tier logic rather then the Silverlight page directly. Afterall Silverlight did start out as a “better HTML then HTML”.
These days Silverlight applications are starting to look more like thick client applications, so the limitations on WCF binding may no longer be as reasonable as they use to be.
Ok so a Microsoft boffin has answered this here. looks like a 'talk to the hand' to me
http://silverlight.net/forums/p/20844/78325.aspx#78325
For Silverlight V2.0 final release, the answer is no. We only support BasicHttpBinding and PollingDuplexHttpBinding.
(please "mark as answer" if this post answered your question. Thank you!)
Jeff Cao
