What is the difference between WCF and ASMX Web Services?

First of all, it needs to understand that WCF Service provides all the capabilities of .NET web servies and further extends it.

Simple and basic difference is that ASMX web service is designed to send and receive messages using SOAP over HTTP only. While WCF service can exchange messages using any format (SOAP is default) over any transport protocol (HTTP, TCP/IP, MSMQ, NamedPipes etc).

ASMX is simple but limited in many ways as compared to WCF.

ASMX web services can be hosted only in IIS while WCF service has all the following hosting options:

a. IIS

b. WAS (Windows Process Activation Services)

c. Console Application

d. Windows NT Services

e. WCF provided Host

ASMX web services support is limited to HTTP while WCF supports HTTP, TCP, MSMQ, NamedPipes.

ASMX Security is limited. Normally authentication and authorization is done using IIS and ASP.NET security configuration and transport layer security.For message layer security, WSE can be used.

WCF provides a consistent security programming model for any protocol and it supports many of the same capabilities as IIS and WS-* security protocols, additionally, it provides support for claim-based authorization that provides finer-grained control over resources than role-based security.WCF security is consistent regardless of the host that is used to implement WCF service.

Another major difference is that ASMX web services uses XmlSerializer for serialization while WCF uses DataContractSerializer which is far better in performance than XmlSerializer.

Key Issues with XmlSerializer in serializing .NET types to xml are:

a. Only public fields or properties of the .NET types can be translated to Xml.

b. Only the classes that implement IEnumerable can be translated.

c. Classes that implement IDictionary, such as Hashtable cannot be serialized.

What are WCF Service Endpoints? Explain.

For Windows Communication Foundation services to be consumed, it’s necessary that it must be exposed; Clients need information about service to communicate with it. This is where service endpoints play their role.

A WCF service endpoint has three basic elements i.e. Address, Binding and Contract.

Address: It defines “WHERE”. Address is the URL that identifies the location of the service.

Binding:  It defines “HOW”. Binding defines how the service can be accessed.

Contract: It defines “WHAT”. Contract identifies what is exposed by the service.

What are the possible ways of hosting a WCF service? Explain.

For a Windows Communication Foundation service to host, we need at least a managed process, a ServiceHost instance and an Endpoint configured. Possible approaches for hosting a service are:

1. Hosting in a Managed Application/ Self Hosting

a. Console Application

b. Windows Application

c. Windows Service

2. Hosting on Web Server

a. IIS 6.0 (ASP.NET Application supports only HTTP)

b. Windows Process Activation Service (WAS) i.e. IIS 7.0 supports HTTP, TCP,NamedPipes, MSMQ.

How we can achieve Operation Overloading while exposing WCF Services?

By default, WSDL doesn’t support operation overloading. Overloading behavior can be achieved by using “Name” property of OperationContract attribute.


interface IMyCalculator


[OperationContract(Name = “SumInt”)]

int Sum(int arg1,int arg2);

[OperationContract(Name = “SumDouble”)]

double Sum(double arg1,double arg2);


When the proxy will be generated for these operations, it will have 2 methods with different names i.e. SumInt and SumDouble.

What Message Exchange Patterns (MEPs) supported by WCF? Explain each of them briefly.

1. Request/Response

2. One Way

3. Duplex


It’s the default pattern. In this pattern, a response message will always be generated to consumer when the operation is called, even with the void return type. In this scenario, response will have empty SOAP body.

One Way

In some cases, we are interested to send a message to service in order to execute certain business functionality but not interested in receiving anything back. OneWay MEP will work in such scenarios.

If we want queued message delivery, OneWay is the only available option.


The Duplex MEP is basically a two-way message channel. In some cases, we want to send a message to service to initiate some longer-running processing and require a notification back from service in order to confirm that the requested process has been completed.

What is DataContractSerializer and How its different from XmlSerializer?

Serialization is the process of converting an object instance to a portable and transferable format. So, whenever we are talking about web services, serialization is very important.

Windows Communication Foundation has DataContractSerializer that is new in .NET 3.0 and uses opt-in approach as compared to XmlSerializer that uses opt-out. Opt-in means specify whatever we want to serialize while Opt-out means you don’t have to specify each and every property to serialize, specify only those you don’t want to serialize.

DataContractSerializer is about 10% faster than XmlSerializer but it has almost no control over how the object will be serialized. If we wanted to have more control over how object should be serialized that XmlSerializer is a better choice.

How we can use MessageContract partially with DataContract for a service operation in WCF?

MessageContract must be used all or none. If we are using MessageContract into an operation signature, then we must use MessageContract as the only parameter type and as the return type of the operation.

Which standard binding could be used for a service that was designed to replace an existing ASMX web service?

The basicHttpBinding standard binding is designed to expose a service as if it is an ASMX/ASP.NET web service. This will enable us to support existing clients as applications are upgrade to WCF.

Please explain briefly different Instance Modes in WCF?

WCF will bind an incoming message request to a particular service instance, so the available modes are:

Per Call: Instance created for each call, most efficient in term of memory but need to maintain session.

Per Session: Instance created for a complete session of a user. Session is maintained.

Single: Only one instance created for all clients/users and shared among all.Least efficient in terms of memory.

Please explain different modes of security in WCF? Or Explain the difference between Transport and Message Level Security.

In Windows Communication Foundation, we can configure to use security at different levels

a.    Transport Level security means providing security at the transport layer itself. When dealing with security at Transport level, we are concerned about integrity, privacy and authentication of message as it travels along the physical wire. It depends on the binding being used that how WCF makes it secure because most of the bindings have built-in security.


<binding name=”netTcpTransportBinding”>

<security mode=”Transport”>

<Transport clientCredentialType=”Windows” />




b.    Message Level Security

For Tranport level security, we actually ensure the transport that is being used should be secured but in message level security, we actually secure the message. We encrypt the message before transporting it.


<binding name=”wsHttpMessageBinding”>

<security mode=”Message”>

<Message clientCredentialType=”UserName” />




It totally depends upon the requirements but we can use a mixed security mode also as follows:


<binding name=”basicHttp”>

<security mode=”TransportWithMessageCredential”>

<Transport />

<Message clientCredentialType=”UserName” />