Friday 16 November 2012

WCF nterview Questions By Sujit Bhujbal

1. What is a fault contract?

Normally, by default, when some exception occurs at a WCF service level, it will not be exposed as it is to the client. The reason is that the WCF exception is a CLR exception and it doesn't make sense to expose it outside of the CLR because it contains internal details of service code like stack trace. So, WCF handles and returns error details to the client using a Fault Contract.

"So, a fault contract is a contract that contains the details of possible exception(s) that might occur in service code."
public interface IService1
    int MyOperation1();

public class MyFaultDetails
    public string ErrorDetails { get; set; }

In the implementing service
public int MyOperation1()

//Do something......

MyFaultDetails ex = new MyFaultDetails();
ex.ErrorDetails = "Specific error details here.";
throw new FaultException(ex,"Reason: Testing.....");


2. A user has a service with a one-way operation that includes a fault contract, and he gets an exception when he tries to host the service. Why?

This is true, because, to return faults, the service requires some form of a two-way communication channel, which is not present in one-way operations.

3. What are the core security concepts supported by WCF?

There are four core security features:
  1. Confidentiality: It's a confirmation about the recipient. Only the valid recipient can read the message when it passed between service and client.
  2. Integrity: Is to ensure that message received is not being tempered or changed during an exchange.
  3. Authentication: Is a way for the parties (sender and receiver) to identify each other.
  4. Authorization: Ensures what actions an authenticated user can perform.
4. Difference between Message Level security and Transport Level security?

Security can be configured at different levels in Windows Communication Foundation; they are:
  1. Transport Level Security
  2. Message Level Security

5. Difference between BasicHttpBinding and WsHttpBinding with respect to security?

Please follow differences between BasicHttpBinding and WsHttpBinding for more detailed discussion, but the basic difference with respect to security is as follows:

As WsHttpBinding supports the advanced WS-* specification, it has a lot more security options available. For example, it provides message-level security i.e. message is not sent in plain text. Also it supports WS-Trust and WS-Secure conversations.
While in the case of BasicHttpBinding, it has fewer security options, or we can say, there is no security provided, by default. At the transport level, it can provide confidentiality through SSL.

6. Please explain about authorization options supported in WCF?

Authorization is a core feature of security in WCF, which supports various authorization types.

Role-based authorization is the most common authorization approach being used. In this approach, an authenticated user has assigned roles and the system checks and verifies that either a specific assigned role can perform the operation requested.

An Identity-based authorization approach basically provides support for identity model features which is considered to be an extension to role-based authorization option. In this approach, the service verifies client claims against authorization policies and accordingly grant or deny access to operation or resource.

The Resource-based authorization approach is a bit different because it's applied on individual resources and secured using Windows Access Control Lists (ACLs).

7. What is Reliable Messaging in WCF?

We know that networks are not perfect enough and might drop signals or in some environments there can be the possibility of some messages being in the wrong order during message exchange.
WCF allows us to ensure the reliability of messaging by implementing the WS-ReliableMessaging protocol. Here is how you can configure reliable messaging in WCF:
    <binding name="Binding1">
      inactivityTimeout="00:02:00" />

8. What are Reliable Sessions in WCF?

Reliable sessions actually ensure that the caller for messages will know about the lost message(s) but it can't guarantee the delivery of message(s).
There is a misconception about reliable sessions that it ensures the session will never expire or stays for a very long time. This we can do using timeout for sessions.

9. Briefly explain WCF RESTfull services?

RESTful services are those which follow the REST (Representational State Transfer) architectural style.

As we know, WCF allows us to make calls and exchange messages using SOAP over a variety of protocols i.e. HTTP, TCP, NamedPipes and MSMQ etc. In a scenario, if we are using SOAP over HTTP, we are just utilizing HTTP as a transport. But Http is much more than just a transport.

So, when we talk about REST architectural style, it dictates that "Instead of using complex mechanisms like CORBA, RPC or SOAP for communication, simply HTTP should be used for making calls".

RESTful architecture use HTTP for all CRUD operations like (Read/CREATE/Update/Delete) using simple HTTP verbs like (GET, POST, PUT, and DELETE). It's simple as well as lightweight.

10. Briefly explain WCF Data Services?

WCF Data services, previously known as ADO.NET data services, are basically based on OData (Open Data Protocol) standard which is a REST (Representational State Transfer) protocol.

The Open Data Protocol (OData) is a Web protocol for querying and updating data that provides a way to unlock your data and free it from silos that exist in applications today. OData does this by applying and building upon Web technologies such as HTTP, Atom Publishing Protocol (AtomPub) and JSON to provide access to information from a variety of applications, services, and stores. The protocol emerged from experiences implementing AtomPub clients and servers in a variety of products over the past several years. OData is being used to expose and access information from a variety of sources including, but not limited to, relational databases, file systems, content management systems and traditional Web sites.

What are the various ways to expose WCF Metadata?

By default, WCF doesn't expose metadata. We can expose it by choosing one of the following ways:
  1. In the configuration file, by enabling metadata exchange as follows:

  2. ServiceHost can expose a metadata exchange endpoint to access metadata at runtime.

    (ServiceHost host = new ServiceHost(typeof(MyService)))
        ServiceMetadataBehavior behavior = new ServiceMetadataBehavior();
        behavior.HttpGetEnabled = true;
        Console.WriteLine("My Service here..........");
What is mexHttpBinding in WCF?

To generate a proxy, we need service metadata and mexHttpBinding returns service metadata.

If we look into our configuration file, the service will have an endpoint with mexHttpBinding as follows:

<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>

and the service metadata behavior will be configured as follows:

<serviceMetadata httpGetEnabled="true"/>

Before deployment of the application to a production machine, it should be disabled.

To support other protocols, related bindings are mexHttpBinding, mexHttpsBinding and mexTcpBinding.

What is a Service Proxy in WCF?

A service proxy or simply proxy in WCF enables application(s) to interact with a WCF Service by sending and receiving messages. It's basically a class that encapsulates service details i.e. service path, service implementation technology, platform and communication protocol etc. It contains all the methods of a service contract (signature only, not the implementation). So, when the application interacts with the service through the proxy, it gives the impression that it's communicating a local object.

We can create a proxy for a service by using Visual Studio or the SvcUtil.exe.

What are the various ways to generate a proxy in WCF?

Generating a proxy using Visual Studio is simple and straight forward.
  1. Right-click References and choose "Add Service Reference".
  2. Provide the base address of the service on "Add Service Reference" dialog box and click the "Go" button.
    The service will be listed below.
  3. Provide the namespace and click OK.
Visual Studio will generate a proxy automatically.

We can generate a proxy using the svcutil.exe utility using the command line. This utility requires a few parameters like HTTP-GET address or the metadata exchange endpoint address and a proxy filename i.e. optional. For example:

svcutil http://localhost/MyService/Service1.svc /out:MyServiceProxy.cs

If we are hosting the service at a different port (other than the default for IIS which is 80), we need to provide a port number in the base address. For example:

svcutil http://localhost:8080/MyService/Service1.svc /out:MyServiceProxy.cs

For parameter details regarding svcutil, please follow the MSDN link

What is the difference between use of ChannelFactory and Proxies in WCF?

If we have control over the server and client, then the ChannelFactory is a good option because it relies on having local interfaces that actually describes the service i.e. service contract.

On the other hand, if we don't have control over the server and only have a WSDL/URL, then it's better to generate a proxy using Visual Studio or SvcUtil.

SvcUtil is a better option as compared to Visual Studio because we have more control using SvcUtil.

How to create proxy for Non-WCF Services?

In case of Non-WCF Services, we can create a proxy by either using Visual Studio or the svcUtil.exe tool by pointing to a WSDL of the non-WCF service. In this scenario, we can't create a proxy through a ChannelFactory or manually developing a proxy class because we don't have local interfaces i.e. a service contract.

Breifly explain Automatic Activation in WCF?

Automatic activation means the service starts and serves the request when a message request is received, but the service doesn't need to be running in advance.

There are a few scenarios in which the service needs to be running in advance. For example, in the case of Self-Hosting.

What are the various WCF Instance Activation Methods available?

WCF supports three different types of Instance Activation methods:
  1. Per Call
  2. Per Session
  3. Singleton
What are the various ways to handle concurrency in WCF?

There are three different ways to handle concurrency in WCF; they are:
  1. Single
  2. Multiple
  3. Reentrant
Single: at a given time, only a single request can be processed by a WCF service instance. Other requests will be waiting until the first one is fully served.

Multiple: multiple requests can be served by multiple threads of a single WCF service instance.

Reentrant: a single WCF service instance can process one request at a given time but the thread can exit the service to call another service.

We can apply these concurrency settings by putting ConcurrencyMode property in ServiceBehavior as follows:

[ServiceBehavior(ConcurrencyMode = ConcurrencyMode.Multiple]
Public class MyService : IMyService

What is WCF throttling?

WCF throttling enables us to regulate the maximum number of WCF instances, concurrent calls and concurrent sessions. The basic purpose is to control our WCF service performance by using Service throttling behavior.

In the configuration file we can set this behavior as follows:

behavior name="MyServiceBehavior">
The above given values are the default ones, but we can modify them after evaluating the requirements of our application.

Happy Programming ! !

If you have any query mail me to     


Sujeet Bhujbal


No comments:

Post a Comment