[Update: Ivan helped me find a partial workaround. Details here.]
I knew that my implementation of FwSync (my tool for uploading/downloading files from a FlexWiki instance for offline editing) was a little slow sometimes. I figured it was because the web service interface is a little chatty - it requires a roundtrip for every file I'm submitting or retrieving. Boy, did I not know the half of it.
I whipped out a packet sniffer and took a look at what was going across the wire. Imagine my surprise when I discovered that every request to the webserver was turning into three request-response network roundtrips. Ouch! A little more digging, and I found out that I was far from the first one to have this problem - it turns out to be a consequence of the fact that I have Integrated authentication turned on on the webserver, so I have to make one roundtrip to find out that authentication is required, another to get the challenge from the webserver, and a third to actually make an authenticated request. Because the autogenerated web service proxies (the ones you get when you say “Add Web Reference” don't hold on to connections, this process is repeated for every single method call.
At first, I didn't think this was so bad. That's because I knew there was a PreAuthenticate property on the proxy that supposedly told the proxy to send the credentials with the first request, rather than waiting for the “access denied” message to come back. I'd still have a second roundtrip for the challenge-response, but I figured I could optimize that away using the CredentialCache somehow.
Wrong! Oh so freaking wrong!
As it turns out, the autogenerated proxies are busted in a whole bunch of ways. Jon Flanders set me straight on that count - there is no way to get the proxies to preauthenticate when using Integrated authentication. To even get it to work with Basic authentication, you have to follow the instructions here...but forget about Integrated. Lame!
If someone knows of an easy way to get this to work (without having to muck with the server, although I might do that too), I'd love to hear about it.