Saturday, February 13, 2010

Difference between BasicHttpBinding and WsHttpBinding

If we want to summarize in one sentence, the difference between WsHttpBinding and BasicHttpBinding is that WsHttpBinding supports WS-* specification. WS-* specifications are nothing but standards to extend web service capabilities.

Below is a detailed comparison table between both the entities from security, compatibility, reliability and SOAP version perspective.




Security support

This supports the old ASMX style, i.e. WS-BasicProfile 1.1.

This exposes web services using WS-* specifications.


This is aimed for clients who do not have .NET 3.0 installed and it supports wider ranges of clients. Many of the clients like Windows 2000 still do not run .NET 3.0. So older version of .NET can consume this service.

As its built using WS-* specifications, it does not support wider ranges of client and it cannot be consumed by older .NET version less than 3 version.

Soap version

SOAP 1.1

SOAP 1.2 and WS-Addressing specification.

Reliable messaging

Not supported. In other words, if a client fires two or three calls you really do not know if they will return back in the same order.

Supported as it supports WS-* specifications.

Default security options

By default, there is no security provided for messages when the client calls happen. In other words, data is sent as plain text.

As WsHttBinding supports WS-*, it has WS-Security enabled by default. So the data is not sent in plain text.

Security options

  • None
  • Windows – default authentication
  • Basic
  • Certificate
  • None
  • Transport
  • Message
  • Transport with message credentials

One of the biggest differences you must have noticed is the security aspect. By default, BasicHttpBinding sends data in plain text while WsHttpBinding sends it in encrypted and secured manner.

No comments: