Click here to Skip to main content
Click here to Skip to main content

Difference between BasicHttpBinding and WsHttpBinding

, 18 Jun 2012
Rate this:
Please Sign up or sign in to vote.
Difference between BasicHttpBinding and WsHttpBinding.

Table of Contents

Introduction and Goal

WCF has introduced lot of bindings and protocols. This article will concentrate on two important protocols BasicHttpBinding and WsHttpBinding which look similar but have some huge fundamental differences. We will first start with the difference and then we will create a small project and see how the differences look practically.

Nowadays I am distributing my 400 questions and answers ebook which covers major .NET related topics like WCF, WPF, WWF, AJAX, core .NET, SQL Server, architecture, and a lot more. I am sure you will enjoy this ebook.

Pre-requisite

In case you are new to WCF, please do read the basics from the below given links. Basics of WCF are not in the scope of this article:

Difference between BasicHttpBinding and WsHttpBinding

If we want to summarize in one sentence, the difference between WsHttpBinding and BasicHttpBinding is that WsHttpBinding supports WS-* specification. WS-* specifications are nothing but standards to extend web service capabilities.

Below is a detailed comparison table between both the entities from security, compatibility, reliability, and SOAP version perspectives.

Criteria BasicHttpBinding WsHttpBinding
Security support This supports the old ASMX style, i.e., WS-BasicProfile 1.1. This exposes web services using WS-* specifications.
Compatibility This is aimed for clients who do not have .NET 3.0 installed and it supports wider ranges of clients. Many of the clients like Windows 2000 still do not run .NET 3.0. So an older version of .NET can consume this service. As it is built using WS-* specifications, it does not support wider ranges of clients and it cannot be consumed by older .NET versions less than 3 version.
SOAP version SOAP 1.1 SOAP 1.2 and WS-Addressing specification.
Reliable messaging Not supported. In other words, if a client fires two or three calls you really do not know if they will return back in the same order. Supported as it supports WS-* specifications.
Default security options By default, there is no security provided for messages when the client calls happen. In other words, data is sent as plain text. As WsHttBinding supports WS-*, it has WS-Security enabled by default. So the data is not sent in plain text.
Security options
  • None
  • Windows – default authentication
  • Basic
  • Certificate
  • None
  • Transport
  • Message
  • Transport with message credentials

One of the biggest differences you must have noticed is the security aspect. By default, BasicHttpBinding sends data in plain text while WsHttpBinding sends it in an encrypted and secured manner. To demonstrate the same, let's make two services, one using BasicHttpBinding and the other using WsHttpBinding and then let's see the security aspect in a more detailed manner.

We will create a small sample to see how BasicHttpBinding sends data in plain text format and how WsHttpBinding encrypts data.

Note: By default, security is not enabled on BasicHttpBinding for interoperability purposes. In other words, it is like our old webservice, i.e. ASMX. But that does not mean we cannot enable security in BasicHttpBinding. Sometime back, we i had  written an article on how to enable security on BasicHttpBinding.

Five Steps to See the Actual Difference between BasicHttpBinding and WsHttpBinding

In order to understand the real differences between these entities, we will do a small project. In this project, we will create two WCF services, one service using BasicHttpBinding and the second service using WsHttpBinding.

Step 1: Let's first create a simple service using BasicHttpBinding. For that, we just create a simple WCF project and then modify the ServiceModel element as shown below. You can see in the endpoint tag that we have specified basicHttpBinding as the protocol.

<system.serviceModel>
<services>
<service name="WCFBasicHttpBinding.Service1" 
	behaviorConfiguration="WCFBasicHttpBinding.Service1Behavior">
<!-- Service Endpoints -->
<endpoint address="" binding="basicHttpBinding" contract="WCFBasicHttpBinding.IService1">
<!--
Upon deployment, the following identity element 
should be removed or replaced to reflect the
identity under which the deployed service runs. 
If removed, WCF will infer an appropriate identity
automatically.
-->
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="WCFBasicHttpBinding.Service1Behavior">
<!-- To avoid disclosing metadata information, 
set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes, 
set the value below to true. Set to false before deployment to avoid 
disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>

Step 2: We also need to create one more service using WsHttpBinding. For that, you do not need to do anything special as such. By default, a WCF project is created using WsHttpBinding. Below is how the Web.config file looks like. You can see how the endpoint tag is using wsHttpBinding.

<system.serviceModel>
<services>
<service name="WCFWsHttpBindingHttps.Service1" 
	behaviorConfiguration="WCFWsHttpBindingHttps.Service1Behavior">
<!-- Service Endpoints -->
<endpoint address="" binding="wsHttpBinding" contract="WCFWsHttpBindingHttps.IService1">
<!--
Upon deployment, the following identity element 
should be removed or replaced to reflect the
identity under which the deployed service runs. 
If removed, WCF will infer an appropriate identity
automatically.
-->
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="WCFWsHttpBindingHttps.Service1Behavior">
<!-- To avoid disclosing metadata information, 
set the value below to false and remove the metadata endpoint above before deployment -->
<serviceMetadata httpGetEnabled="true"/>
<!-- To receive exception details in faults for debugging purposes, 
set the value below to true. Set to false before deployment to avoid 
disclosing exception information -->
<serviceDebug includeExceptionDetailInFaults="false"/>
</behavior>
</serviceBehaviors>
</behaviors>
</system.serviceModel>

Step 3: We will not be creating any new methods in both the services. We will just use the default code created by the WCF template. So both these services will have a GetData function which returns a string. The GetData function is a default function created WCF project.

public class Service1 : IService1
{
public string GetData(int value)
{
return string.Format("You entered: {0}", value);
}
public CompositeType GetDataUsingDataContract(CompositeType composite)
{
if (composite.BoolValue)
{
composite.StringValue += "Suffix";
}
return composite;
}
}

Step 4: Now that our services are created, we need to create a client which will consume this service. So we have created a simple web application and we have added two references, one is a service reference, i.e., WsHttpBinding, and the second is a web reference, i.e., BasicHttpBinding. In this example I have used a web reference to add BasicHttpBinding but you can do this by using Add Service Reference as well. I have used Add Web Reference to just prove that BasicHttpBinding is actually backwards compatible with old web services. 

We will add two buttons on the default ASPX page. One button will call the HTTP service and the other will call the WsHttp service. Below is how the function GetData is called in both the button clicks.

Step 5: Now that we are ready with the complete project, it is time to sniff and see how data is transported between the client and the service in both scenarios. Let's download a simple HTTP data recorder from here. We will then click both the buttons one by one and record the data transfer using httpanalyzer. You can see the posted data is in simple plain XML format for the basic HTTP protocol and it is in an encrypted format for the wshttp protocol.

In other words, avoid BasicHttp as far as possible.

Consideration When to Use BasicHttp and WsHttp

If you are looking for backwards compatibility and to support a lot of clients, then basic HTTP binding is the way to go, or else WsHttp is a great way to start if you are seeing your clients made in .NET 3.0 and above.

History

  • 13th May, 2009: Initial post.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

About the Author

Shivprasad koirala
Architect http://www.questpond.com
India India

I am a Microsoft MVP for ASP/ASP.NET and currently a CEO of a small
E-learning company in India. We are very much active in making training videos ,
writing books and corporate trainings. Do visit my site for 
.NET, C# , design pattern , WCF , Silverlight
, LINQ , ASP.NET , ADO.NET , Sharepoint , UML , SQL Server  training 
and Interview questions and answers


Comments and Discussions

 
GeneralMy vote of 5 Pinmemberfredatcodeproject16-Jul-12 1:24 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Mobile
Web02 | 2.8.140721.1 | Last Updated 18 Jun 2012
Article Copyright 2009 by Shivprasad koirala
Everything else Copyright © CodeProject, 1999-2014
Terms of Service
Layout: fixed | fluid