WCF Experienced Interview Questions and Answers
In this article, I am going to discuss the most frequently asked WCF Experienced Interview Questions and Answers. Please read our previous article, where we discussed WCF Basic Interview questions and answers.
What is IExtensibleDataObject? OR
What is the advantage and disadvantage of implementing IExtensibleDataObject?
WCF guidelines recommend enhancing all data contracts with the support of the IExtensibleDataObject interface, to preserve unexpected data from clients. During deserialization, superfluous data is placed in a dictionary on the service side and during serialization, the same data is written as XML as it was originally provided by the client. This is very useful to preserve data from version 2.0 services at a version 1.0 client. It is also useful in the case where downstream calls from version 2.0 services go to other services handling version 1.0.
However, there is also a disadvantage of implementing IExtensibleDataObject. It carries risks of denial of service (DoS) and unnecessary use of server resources. We can turn on and off, the support for IExtensibleDataObject either in code declaratively using attributes or in the configuration file as shown below.
Disabling support for IExtensibleDataObject in Code using attributes
What are the different ways to expose WCF Metadata?
This is one of the frequently asked WCF Experienced Interview Questions and Answers. By default, WCF doesn’t expose metadata. We can expose it by choosing one of the following ways:
1. In the configuration file, by enabling metadata exchange as follows:
2. ServiceHost can expose a metadata exchange endpoint to access metadata at runtime.
using (ServiceHost host = new ServiceHost(typeof(WcfService1)))
ServiceMetadataBehavior behavior = new ServiceMetadataBehavior();
behavior.HttpGetEnabled = true;
Console.WriteLine(“My Service here……….”); Console.ReadLine();
What is mexHttpBinding in WCF?
In order to generate proxy, we need service metadata and mexHttpBinding is the binding that returns service metadata. If we look into our configuration file, the service will have an endpoint with mexHttpBinding as follows:
and service metadata behavior will be configured as follows:
Before deployment of the application to the production machine, it should be disabled. In order to support other protocols, related bindings are:
What is a Service Proxy in Windows Communication Foundation?
This is one of the frequently asked WCF Experienced Interview Questions and Answers. A service proxy or simply proxy in WCF enables application(s) to interact with WCF Service by sending and receiving messages. It’s basically a class that encapsulates service details i.e. service path, service implementation technology, platform, and communication protocol, etc. It contains all the methods of service contract (signature only, not the implementation). So, when the application interacts with the service through the proxy, it gives the impression that it’s communicating a local object.
What are the different ways to generate proxy in WCF?
Generating proxy using Visual Studio is simple and straightforward.
- Right-click References and choose “Add Service Reference”.
- Provide the base address of the service on the “Add Service Reference” dialog box and click the “Go” button. Service will be listed below.\
- Provide namespace and click OK.
Visual Studio will generate a proxy automatically.
We can generate the proxy using the svcutil.exe utility using the command line. This utility requires few parameters like HTTP-GET address or the metadata exchange endpoint address and a proxy filename i.e. optional.
svcutil http://localhost/MyService/Service1.svc /out:MyServiceProxy.cs
If we are hosting the service at a different port (other than the default for IIS which is 80), we need to provide the port number in the base address.
svcutil http://localhost:8080/MyService/Service1.svc /out:MyServiceProxy.cs
For parameter details regarding svcutil, please follow the MSDN link
Difference between using ChannelFactory and Proxies in WCF?
A ChannelFactory creates a kind of Channel used by clients to communicate with service endpoints. If we have control over Server and Client, then ChannelFactory is a good option because it relies on having local interfaces that actually describe the service i.e. service contract.
On the other hand, If we don’t have control over the server and only have WSDL/URL, then it’s better to generate a proxy using Visual Studio or SvcUtil. SvcUtil is a better option as compared to Visual Studio because we have more control in the case of SvcUtil.
How to create a proxy for Non-WCF Services?
In the case of Non-WCF Services, we can create a proxy by either using Visual Studio or svcUtil.exe tool by pointing to WSDL of the non-WCF service. In this scenario, we can’t create proxy through ChannelFactory or manually developing proxy class because we don’t have local interfaces i.e. service contract.
Briefly explain Automatic Activation in WCF?
Automatic activation means service starts and serves the request when a message request is received, but the service doesn’t need to be running in advance.
Both IIS (Internet Information Services) and WAS (Windows Activation Service) support automatic activation. It means if your service is hosted in IIS or WAS, then it will be activated automatically as a new message arrives. But there are few scenarios in which service needs to be running in advance, for example, in the case of Self-Hosting.
Note: WAS (Windows Activation Service) is a process activation mechanism introduced in IIS 7.0 that supports other protocols (e.g. TCP, NamedPipes, etc.) along with existing HTTP.
What are the core security concepts supported by WCF?
There are four core security Features
- Confidentiality: It’s a confirmation about the recipient. Only the valid recipient can read the message when it passed between service and client.
- Integrity: This is to ensure that message received is not being tempered or changed during the exchange.
- Authentication: is a way for the parties (sender and receiver) to identify each other.
- Authorization: ensures that what actions an authenticated user can perform?
Difference between Message Level security and Transport Level security?
This is one of the frequently asked WCF Experienced Interview Questions and Answers. Security can be configured at two different levels in Windows Communication Foundation:
- Transport Level Security: secures the transport (the pipe) over which the message passes through from client to a service.
- Message Level Security: secures the message that is being transported from one end to another.
WCF Supports the following Transfer Security Modes:
- None – No security at all. Very risky to choose.
- Transport – Securing message transfer with transport protocol like TCP, IPs, HTTPS, MSMQ. It’s Ideal for Intranet scenarios having point-to-point communication.
- Message – Securing a message by encrypting it. Good for scenarios even when multiple intermediaries involved.
- Mixed – TransportWithMessageCredential uses transport for message privacy and service authentication with client authentication handled at the message level.
- Both -Using both Messages as well as transport security. In this case, secured encrypted messages travel over a secure transport (pipe) only supported by MSMQ Binding.
Can you please explain which security mode supported by various WCF Bindings?
The following table illustrates in detail about support for security mode in Windows Communication Foundation for various WCF Bindings.
Difference between BasicHttpBinding and WsHttpBinding w.r.t Security?
This is one of the frequently asked WCF Experienced Interview Questions and Answers. WsHttpBinding supports advanced WS-* specification, it has a lot more security options available. For example, it provides message-level security i.e. message is not sent in plain text. Also, it supports WS-Trust and WS-Secure conversations. While in the case of BasicHttpBinding, it has fewer security options, or we can say, there is no security provided, by default. At the transport level, it can provide confidentiality through SSL. Following is a detailed comparison of both WCF bindings:
- Designed to exchange SOAP over HTTP(s) only.
- Higher Level of interoperability with older clients.
- Based on SOAP 1.1
- No support for reliable messaging
- No support for transactions
- By default, no security options
- Support for confidentiality through SSL
- A bit faster because security is disabled by default.
- Support advanced WS-* specification
- Reduced support for a wide range of older clients
- Supports for SOAP 1.2 specification
- Support reliable messaging
- Supports atomic and distributed transactions
- Supports lot more security options
- Supports both Transport as well as Message level security
- A bit slower than BasicHttpBinding.
Please explain about authorization options supported in WCF?
This is one of the frequently asked WCF Experienced Interview Questions and Answers. Authorization as a core feature of security in WCF supports different authorization types.
- Role-based authorization is the most common authorization approach being used. In this approach, the authenticated user has assigned roles, and the system checks and verifies that either a specific assigned role can perform the operation requested.
- The identity-based authorization approach basically provides support for the identity model feature which is considered to be an extension to the role-based authorization option. In this approach, service verifies client claims against authorization policies and accordingly grant or deny access to operation or resource.
- The resource-based authorization approach is a bit different because it’s applied to individual resources and secure those using windows access control lists (ACLs).
What is Reliable Messaging in WCF?
We know that networks are not perfect enough and those might drop signals or in some scenarios, there can be a possibility of wrong order of messages during message exchange.
WCF allows us to ensure the reliability of messaging by implementing the WS-ReliableMessaging protocol. Here is how you can configure reliable messaging in WCF.
What are Reliable Sessions in WCF?
Reliable sessions actually ensure that the caller for messages will know about the lost message(s) but it can’t guarantee the delivery of the message(s). There is a misconception about reliable sessions that it ensures the session will never expire or stays for a very long time. This we can achieve by using timeout for sessions.
Briefly explain WCF RESTfull services?
RESTful services are those which follow the REST (Representational State Transfer) architectural style. As we know that WCF allows us to make calls and exchange messages using SOAP over a variety of protocols i.e. HTTP, TCP, NamedPipes and MSMQ, etc. In a scenario, if we are using SOAP over HTTP, we are just utilizing HTTP as a transport. But Http is much more than just transport. So, when we talk about REST architectural style, it dictates that:
Instead of using complex mechanisms like CORBA, RPC, or SOAP for communication, simply HTTP should be used for making calls. The RESTful architecture uses HTTP for all CRUD operations like (Read/CREATE/Update/Delete) using simple HTTP verbs like (GET, POST, PUT, and DELETE). It’s simple as well as lightweight.
Explain the differences between SOAP and REST approaches w.r.t. common CRUD operations?
For common CRUD (Create, Retrieve, Update, Delete) operations, both SOAP and REST approaches are different as follows:
What is SOA (Service Oriented Architecture) and how WCF supports it?
SOA is basically an architectural model that dictates few principles for building business applications in the form of independent, loosely coupled, and interoperable services. These services are well-defined, self-contained, and can work together to achieve certain business functionality without depending on the context or state of other services.
WCF supports almost all those principles dictated by Service Oriented Architecture for developing services; those are independent, loosely coupled, and interoperable also.
What is ESB in an SOA environment?
In a Service-Oriented Architecture environment, ESB (Enterprise Service Bus) acts as a single interface for all messaging between applications and services in a loosely coupled manner. ESB is capable to call and subscribe to different service provider’s methods and subscriptions respectively.
What is Transaction Propagation? And how WCF support it?
Transaction propagation is the ability to propagate transactions across the boundaries of a single service. Or in other words, we can say that a service can participate in a transaction that is initiated by a client.
In an SOA environment, transaction propagation becomes a key requirement. As we know that WCF supports SOA, so it provides support for transaction propagation as well.
To enable transaction propagation, we need to set the value of the TransactionFlow property of the binding being used. This can be done programmatically as follows:
WSHttpBinding bindingBeingUsed = new WSHttpBinding();
bindingBeingUsed.TransactionFlow = “true”;
Or It can be done declaratively by updating configuration file as follows:
The default value for the TransactionFlow property is “False”.
Do all WCF bindings support Transaction Propagation?
No. Not all WCF bindings support transaction propagation. The only following list of bindings supports it.
Are WCF Contracts versions tolerant?
Yes, WCF contracts are version tolerant by default. Service contracts, data contracts, and message contracts forgive missing and non-required data. They also ignore any superfluous or additional data sent by the client to the service. The DataContractSerializer provides tolerance. Reasonable changes can be made without impacting existing clients. The following table summarizes the changes to a service contract and their impact on existing clients.
What are the various Transaction Flow Options available in WCF?
If a service is configured for Transaction Propagation, WCF further supports various options for service methods to be part of any transaction initiated outside service boundaries.
- NotAllowed Transaction Propagation is not allowed for a particular service method. Its default value.
- Allowed Transaction Propagation is allowed but not compulsory.
- Mandatory Transaction Propagation is compulsory for that service method.
For example, Transaction Propagation is mandatory for the CreditAccount service method in the following code snippet.
What is the two-phase committed protocol?
In a distributed transaction scenario, the two-phase committed protocol is an algorithm that ensures all the participating processes in a distributed transaction are ready to be committed or rollbacked. This is done in two phases:
- Prepare Phase
- Commit phase
What is the role of the transaction manager in WCF?
The transaction manager while sitting on the client-side, initiates the transaction and coordinates with all the processes that participate in a distributed transaction to commit or rollback.
What are the supported transaction types in WCF?
Supported transaction types in WCF are:
- Light Weight
- OLE Transactions
- WS-Atomic Transactions
How to enable the Performance Counters in WCF?
The simple way to enable Performance Counters supported by WCF is as follows:
<diagnostics performanceCounters = “All” />
The above configuration setting will enable all categories of counters including ServiceModelService, ServiceModelEndpoint, and ServiceModelOperation. The default value for it is “Off”.
Can you overload methods in a WCF service?
Yes, it is possible to overload methods in a WCF service, but the names of the exposed operation contracts must be unique. To achieve this, we can use the Name property of OperationContractAttribute. Let us understand this with an example.
If I have the WCF service designed as shown below, the service compiles without any issues. When we try to run the service, we will get InvalidOperationException.
To correct this, we can use the Name property of OperationContractAttribute as shown below. After this change, the service works fine both at compile and runtime.
Here, in this article, I try to explain the most frequently asked WCF Experienced Interview Questions and Answers. I hope you enjoy this WCF Experienced Interview Questions and Answers article. I would like to have your feedback. Please post your feedback, question, or comments about this WCF Experienced Interview Questions and Answers article.