Re: MTOM vs HttpWebRequest for file upload

From: "russell.lane" <russell.lane@xxxxxxxxxxxxx>
Date: Fri, 27 Oct 2006 08:30:08 -0400

Steven -

Many thanks for this reply, and for your follow-up to me.

We are authenticating the client to the service layer using integrated
Windows authentication. This is primarily for tracking who is doing what,
i.e., auditing, and less for security per se. We have other controls on who
can run the app itself, so the back end trusts the client to not permit
illegal uploads. If you can get to the service at all through the app, the
service assumes that you are a legitimate user.

The upload service, via its app pool identity, owns the permission to read
and write to the backing filesystem, the user does not.

As it turns out, I also overestimated the size of the files. They are
binary *.wav files ranging in size from the low K's to hundreds of K's of
bytes.

From your comments so far my intuition is that HTTP POST will be the better

choice. Does that seem correct?

Many thanks, again, for your comments, they were very helpful.

Best -

R

"Steven Cheng[MSFT]" <stcheng@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:fYbXQdz9GHA.1984@xxxxxxxxxxxxxxxxxxxxxxxx

Hello Russell,

As for the file uploading from your client winform application to the
server service, do you need to do additional authentication against the
client before upload or at each file uploading?

Regardless of any other requirement, from performance perspective, use
HTTP
POST to upload file will be more efficient because the file content is
directly transfered as binary content in the http post request. While
using WSE MTOM, it still use some particular encoding schema to convert
the
file content thus it will add some additional overhead. However,
comparing
to directly transfer byte[] in webservice method, using MTOM will be much
more efficient.

You can consider which approach to use according to your scenario. If
there
is any other questions on this, please feel free to post here.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead

This posting is provided "AS IS" with no warranties, and confers no
rights.

Follow-Ups:
- Re: MTOM vs HttpWebRequest for file upload
  - From: Steven Cheng[MSFT]

References:
- MTOM vs HttpWebRequest for file upload
  - From: russell.lane
- RE: MTOM vs HttpWebRequest for file upload
  - From: Steven Cheng[MSFT]

Prev by Date: RE: XMLSerialization - Do I need it?
Next by Date: Re: MTOM vs HttpWebRequest for file upload
Previous by thread: RE: MTOM vs HttpWebRequest for file upload
Next by thread: Re: MTOM vs HttpWebRequest for file upload
Index(es):
- Date
- Thread

Relevant Pages

Re: Problem - moving to IIS 6.0
... >what authentication methodit support. ... >client to figure out how to optimize the requests to not ... >I've got an ASP.NET app that I've designed and tested on ...
(microsoft.public.inetserver.iis.security)
Re: SSL/TLS - am I doing it right?
... encryption. ... I am not too worried about authentication. ... my app is for the client to enter a user id and password, ... client can reveal the password to an imposter. ...
(comp.lang.python)
Re: Sending a path to a FILE control ( it has to be possible! )
... System.Net.WebClient is used client side (NOT server side). ... to upload a file to a particular page. ... >> app that let's you upload a file. ...
(microsoft.public.dotnet.framework.aspnet.webcontrols)
Re: Sending a path to a FILE control ( it has to be possible! )
... System.Net.WebClient is used client side (NOT server side). ... to upload a file to a particular page. ... >> app that let's you upload a file. ...
(microsoft.public.dotnet.framework.aspnet)
Re: Sending a path to a FILE control ( it has to be possible! )
... System.Net.WebClient is used client side (NOT server side). ... to upload a file to a particular page. ... >> app that let's you upload a file. ...
(microsoft.public.dotnet.languages.vb.controls)