Table of Contents
WCF has introduced lot of bindings and protocols. This article will concentrate on two important protocols BasicHttpBinding and WsHttpBinding which look similar but have some huge fundamental differences. So we will first start with the difference and then we will create a small project and see how the differences look practically.
Now a days, I am distributing my 400 questions and answers ebook which covers major .NET related topics like WCF, WPF, WWF, Ajax, Core .NET, SQL Server, Architecture and a lot more. I am sure you will enjoy this ebook.
In case you are new to WCF, please do read the basics from the below given links. Basics of WCF are not in the scope of this article:
If we want to summarize in one sentence, the difference between WsHttpBinding and BasicHttpBinding is that WsHttpBinding supports WS-* specification. WS-* specifications are nothing but standards to extend web service capabilities.
Below is a detailed comparison table between both the entities from security, compatibility, reliability and SOAP version perspective.
| Criteria |
BasicHttpBinding |
WsHttpBinding |
| Security support |
This supports the old ASMX style, i.e. WS-BasicProfile 1.1. |
This exposes web services using WS-* specifications. |
| Compatibility |
This is aimed for clients who do not have .NET 3.0 installed and it supports wider ranges of clients. Many of the clients like Windows 2000 still do not run .NET 3.0. So older version of .NET can consume this service. |
As its built using WS-* specifications, it does not support wider ranges of client and it cannot be consumed by older .NET version less than 3 version. |
| Soap version |
SOAP 1.1 |
SOAP 1.2 and WS-Addressing specification. |
| Reliable messaging |
Not supported. In other words, if a client fires two or three calls you really do not know if they will return back in the same order. |
Supported as it supports WS-* specifications. |
| Default security options |
By default, there is no security provided for messages when the client calls happen. In other words, data is sent as plain text. |
As WsHttBinding supports WS-*, it has WS-Security enabled by default. So the data is not sent in plain text. |
| Security options |
- None
- Windows – default authentication
- Basic
- Certificate
|
- None
- Transport
- Message
- Transport with message credentials
|
One of the biggest differences you must have noticed is the security aspect. By default, BasicHttpBinding sends data in plain text while WsHttpBinding sends it in encrypted and secured manner. To demonstrate the same, lets make two services, one using BasicHttpBinding and the other using WsHttpBinding and then lets see the security aspect in a more detailed manner.
We will create a small sample to see how BasicHttpBinding sends data in plain text format and how WsHttpBinding encrypts data.
Note: By default, security is not enabled on BasicHttpBinding for interoperability purposes. In other words, it is like our old webservice, i.e. ASMX. But that does not mean we cannot enable security in BasicHttpBinding. Sometime back, we had a written an article on how to enable security on BasicHttpBinding.
In order to understand the real differences between both these entities, we will do a small project. In this project, we will create two WCF services, one service using BasicHttpBinding and the second service using WsHttpBinding.
Step 1: So lets first create a simple service using BasicHttpBinding. For that, we just create a simple WCF project and then modify the ServiceModel element as shown below. You can see in the endpoint tag that we have specified basicHttpBinding as the protocol.
<system.serviceModel>
<services>
<service name="WCFBasicHttpBinding.Service1"
behaviorConfiguration="WCFBasicHttpBinding.Service1Behavior">
-->
<endpoint address="" binding="basicHttpBinding" contract="WCFBasicHttpBinding.IService1">
-->
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="WCFBasicHttpBinding.Service1Behavior">
-->
<serviceMetadata httpGetEnabled="true"/>
-->
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
Step 2: We also need to create one more service using WsHttpBinding. For that, you do not need to do anything special as such. By default, WCF project is created using WsHttpBinding. Below is how the Web.config file looks like. You can see how the endpoint tag is using wsHttpBinding.
<system.serviceModel>
<services>
<service name="WCFWsHttpBindingHttps.Service1"
behaviorConfiguration="WCFWsHttpBindingHttps.Service1Behavior">
-->
<endpoint address="" binding="wsHttpBinding" contract="WCFWsHttpBindingHttps.IService1">
-->
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="WCFWsHttpBindingHttps.Service1Behavior">
-->
<serviceMetadata httpGetEnabled="true"/>
-->
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>
Step 3: We will not be creating any new methods in both the services. We will just use the default code created by the WCF template. So both these services will have a GetData function which returns a string. The GetData function is a default function created WCF project.
public class Service1 : IService1
{
public string GetData(int value)
{
return string.Format("You entered: {0}", value);
}
public CompositeType GetDataUsingDataContract(CompositeType composite)
{
if (composite.BoolValue)
{
composite.StringValue += "Suffix";
}
return composite;
}
}
Step 4: Now that our services are created, we need to create a client which will consume this service. So we have created a simple web application and we have added two references, one is a service reference, i.e. WsHttpBinding and the second is a web reference, i.e. BasicHttpBinding. Please note that when you right click to add reference, you need to use the Add service reference to add WsHttpService and you need to add web reference for BasicHttpBinding.
We will add two buttons on the default aspx page. One button will call the HTTP service and the other will call the wshttp service. Below is how the function GetData is called in both the button clicks.
Step 5: So now that we are ready with the complete project, it is time to sniff and see how data is transported between client and the service in both the scenarios. So lets download a simple HTTP data recorder from here. We will then click both the buttons one by one and record the data transfer using httpanalyzer. You can see the posted data is in simple plain XML format for basic HTTP protocol and its in an encrypted format for wshttp protocol.
In other words, avoid BasicHttp as far as possible.
If you are looking for backward compatibility and to support a lot of clients, then basic HTTP binding is the way to go or else WsHttp is a great way to start if you are seeing your clients made in .NET 3.0 and above.
- 13th May, 2009: Initial post
General 
News 
Suggestion 
Question 
Bug 
Answer 
Joke 
Rant 
Admin