Securing the HPC Session

  • Article

To secure the session, set the SessionStartInfo.Secure property to True. The authentication that is used depends on the binding that you specified when you set the SessionStartInfo.TransportScheme property.

If you specify NetTcp:

  • The broker uses NetTcpBinding with Transport security when establishing the endpoints.
  • The broker authenticates the clients using Windows integrated security (Kerberos or NTLM) and the messages are signed and encrypted.

If you specify Http:

  • The broker uses BasicHttpBinding with TransportWithMessageCredential security when establishing the endpoints.
  • The broker uses SSL (HTTPS) to secure messages.
  • The broker authenticates the clients using the user name and password embedded in the message headers.

If the session is secure, the client, broker, and service must all run as the same user; you cannot set the SessionStartInfo.UserName property to a user that is different from what the client will run as.

If the credentials that you specify are from a different domain, the domain to which the cluster belongs must have a full-trust relationship with that domain. If not, you will receive a Kerberos validation error.