Configuration
The K2 installation will create K2 Services as a virtual directory for the K2 Workspace Web Site provided or selected during installation. The physical path to this virtual directory will be [Installation Directory] \WebServices\K2Services.
The contents of the directory contain files for the various endpoints installed for K2 Services.
- WCF Services – used for WCF Services
- SyncWCF.svc – used for WCF Services optimized for batch processing
- REST Services – used for REST Services
- SyncREST.svc – used for REST Services optimized for batch processing
- Legacy Workflow SOAP Web Services – legacy SOAP services used for Workflow (this service is deprecated)
The K2 Services directory also contains the web.config which is used to configure the services, such as default inclusions, security settings and services provided by each endpoint. There are three main sections of the web.config file – <services>, <bindings> and <basicAuthentication>.
Security
K2 Services supports two primary authentication modes – Windows (NTLM or Negotiate) and Basic. Basic authentication is inherently insecure over non-SSL (Secure Sockets Layer) transports; as such K2 Services will be configured by default to disallow Basic authentication over HTTP. In order to use Basic authentication SSL for the website should be configured. Disabling the SSL requirement for Basic authentication is provided for development purposes only.
The authentication mode being used will be based on a combination of the service end points <services> and the authentication binding for that endpoint <bindings> and IIS Authentication options. Additionally, when the binding is configured to allow Basic authentication, and a Basic request is sent from the client, the basic configuration will also be applied <basicAuthentication>. To ensure support for the K2 security label, K2 has implemented the Basic authentication rather than relying on the IIS implementation.
Related Topics