For binding selection generally follow this:
Common Binding Capability Matrix
| Name | Transport | Encoding | Interop. With non-.Net | Reliability | Ordered Delivery | Security |
|---|---|---|---|---|---|---|
| BasicHttpBinding | Http/Https | Soap1.1*/Mtom | Yes | No | No | None*, Transport, Message, Mixed |
| NetTcpBinding | Tcp | Binary | No | Yes (off*) | Yes (on*) | None, Transport*, Message, Mixed |
| NetNamedPipeBinding | IPC | Binary | No | No (**) | Yes (on*) | None, Transport* |
| WsHttpBinding | Http/Https | Soap1.2*/Mtom | Yes | Yes (off*) | Yes (on*) | None, Transport, Message*, Mixed |
| NetMsMqBinding | MsMq | Binary | No | No | No | None, Transport*, Message, Both |
| webHttpBinding | Http/Https | Xml*/Json | Yes | No | No | None*, Transport, Mixed |
** = NetNamedPipeBinding doesn't support reliability but is classified as inherently reliable because its communicating within the same machine.
Client Credentials Supported with Transport Security
| Name | None | Windows | UserName | Certificate |
|---|---|---|---|---|
| BasicHttpBinding | Yes* | Yes | Yes | Yes |
| NetTcpBinding | Yes | Yes* | No | Yes |
| NetNamedPipeBinding | No | Yes* | No | No |
| WsHttpBinding | Yes | Yes* | Yes | Yes |
| NetMsMqBinding | Yes | Yes* | No | Yes |
| WebHttpBinding | Yes* | Yes | Yes | Yes |
Client Credentials Supported with Message Security
| Name | None | Windows | UserName | Certificate | Issued Token |
|---|---|---|---|---|---|
| BasicHttpBinding | No | No | No | Yes* | No |
| NetTcpBinding | Yes | Yes* | Yes | Yes | Yes |
| NetNamedPipeBinding | N/A | N/A | N/A | N/A | N/A |
| WsHttpBinding | Yes | Yes* | Yes | Yes | Yes |
| NetMsMqBinding | Yes | Yes* | Yes | Yes | Yes |
| WebHttpBinding | N/A | N/A | N/A | N/A | N/A |
Standard Behavior Defaults
[ServiceBehavior(
AutomaticSessionShutdown=true,
ConcurrencyMode=ConcurrencyMode.Single,
InstanceContextMode=InstanceContextMode.PerSession,
IncludeExceptionDetailInFaults=false,
UseSynchronizationContext=true,
ValidateMustUnderstand=true)]
[OperationBehavior(
TransactionAutoComplete=true,
TransactionScopeRequired=false,
Impersonation=ImpersonationOption.NotAllowed)]
http://msdn.microsoft.com/en-us/library/ms751438.aspx
Of all the settings shown above InstanceContextMode is the most tricky. Just because it defaults to PerSession, does not mean a session is always present. If the binding does not support it or the service contract has been configured to not allow it (ServiceContract.SessionMode).
Here's a table showing the resulting instance context mode as a result of binding, service cotract's session mode and service behavior's instance mode.
| Binding | Service Behavior Session Mode | Service Contract Context Mode | Resulting Actual Instance Mode |
|---|---|---|---|
| BasicHttp | Allowed or Not Allowed | Per Call or Per Session | PerCall |
| netTCP and netNamedPipes | Allowed or Required | Per Call | PerCall |
| netTCP and netNamedPipes | Allowed or Required | Per Session | PerSession |
| WsHttp (no message security and no reliability) | Allowed or Not Allowed | Per Call or Per Session | PerCall |
| WsHttp (with message secuity or reliability) | Allowed or Required | Per Session | PerSession |
| WsHttp (with message security or reliability) | Not Allowed | Per Call or Per Session | PerCall |
| WebHttpBinding | Allowed or Not Allowed | Per Call or Per Session | PerCall |
Using JSON
I have little experience using JSON with the standard bindings, but my understanding is that you will be forced to use BasicHttpBinding or WebHttpBinding (not WsHttpBinding). When doing so you will loose most of the support for other WCF features like security, reliability, ordered messages, and transactions. With regard to security, SSL is supported by both Web and Basic, any other form of security (message and credentials) you'll be forced to hand craft service side extensions to support these.
WTF is Ws2007HttpBinding?
I came across this MSDN article that explains in detail the differences in a capability matrix between the Http bindings and W3C recommendations when to use which one.
http://msdn.microsoft.com/en-us/library/ms730294.aspx
Simply put, the difference with the newer 2007 Http binding is that is supports extensions to the Organization for the Advancement of Structured Information Standards (OASIS). This means it supports minor changes to the WS Security standards. There is no real compelling reason for a developer to choose these bindings, there's no amazing new features to take advantage of, merely protocol level changes. You might choose the 2007 binding if a client insists on a specific standard being used, or you're integrating into existing clients or services that use it.
Further Reading
No comments:
Post a Comment