Secure SAS connection overview
Communication between the Administrator and the System Access Service (SAS) is based on the Windows Communication Foundation (WCF) framework. When the Administrator and SAS are installed on different machines, NetTCPBinding is used for binary TCP communication. NetTCPBinding uses Windows credentials for authentication and is secure by default. All message packages are signed and encrypted over TCP protocol.
The guides in this section describe how to set up NetTcpBinding for different security modes:
- Setting up a connection with no additional security
While not recommended, it is possible to set up NetTCPBinding communication between Administrator and SAS without security. - Setting up a connection with transport level security using Windows credentials.
Suitable for example if the Administrator and SAS run on different machines that are located in the same domain. - Setting up a connection with transport level security using the X.509 certificate.
Suitable for example if the Administrator and SAS run on different machines, where the Administrator is installed on a machine in a DMZ, and SAS runs on a machine in the company domain.
General information
The guides require that you make modifications to the following files:
- The SAS configuration file (iCoreSASvc.config), located in
%ALLUSERSPROFILE%\\iCore Solutions\\iCPS\\SystemAccessService
. - The Administrator configuration file (Web.config), located in the root directory of the site.