Hello,

The authentication I built for an application with the TP no longer works in
RTM (see message from a few days ago if you're interested). Rather than
waste more time trying to fix what may not have been a good design in the
first place, I'd like to see what those of you with more experience with WSE
would recommend. Here's some copy from my previous post. Any recommendations
are greatly appreciated.

Thanks!
-jk

Technology:
We're an ISV that sells a product consisting of two services (hosted on a
server) that can be hosted in Windows Services or IIS, as well as client
tools that talk to these services. The services are written as SoapServices
and we're registering them as HttpHandlers when hosted in IIS (we aren't
using ASMX). The clients use custom proxies that extend SoapClient.

Requirements:
Since the applications are bundled and sold as a single product, we can't
have requirements like certificate servers; anyone should be able to buy the
product and install it with minimal impact to OS configuration. Customers
can use our user database, AD, LDAP, or anything else they write a provider
for, so we must send the password over the wire. That's it, really. Simple
stuff.

What would be the simplest solution? I appreciate your input.