An address specifies the location where messages are received. It is specified as a uniform resource identifier (URI). The scheme part of the URI names the transport mechanism to use to reach the address, such as Hypertext Transfer Protocol (HTTP) and TCP. The hierarchical part of the URI contains a unique location whose format is dependent on the transport mechanism. The endpoint address enables you to create unique endpoint addresses for each endpoint in a service or, under certain conditions, to share an address across endpoints.
An application endpoint is an endpoint that is exposed by the application and that corresponds to a service contract that is implemented by the application.
A behavior is a component that controls various run-time aspects of a service, an endpoint, a particular operation, or a client application. Behaviors are grouped according to scope: common behaviors affect all endpoints globally, service behaviors affect only service-related aspects, endpoint behaviors affect only endpoint-related properties, and operation-level behaviors affect particular operations.
A binding defines how an endpoint communicates to the world. It consists of a set of components that are called binding elements. These stack on top of each other to create the communication infrastructure. At the very least, a binding defines the transport (such as HTTP or TCP) and the encoding being used (such as text or binary). A binding can contain binding elements that specify details such as the security mechanisms that are used to secure messages or the message pattern that is used by an endpoint.
A binding element represents a particular piece of the binding, such as a transport, an encoding, an implementation of an infrastructure-level protocol (such as Web Services-Reliable Messaging (WS-Reliable Messaging)), or any other component of the communication stack.
A channel is a concrete implementation of a binding element. The binding represents the configuration and the channel is the implementation that is associated with that configuration. Therefore, there is a channel that is associated with each binding element. Channels stack on top of each other to create the concrete implementation of the binding: the channel stack.
A client application is a program that exchanges messages with one or more endpoints. The client application begins by creating an instance of a WCF client application and calling methods of the WCF client application. It is important to note that a single application can be both a client application and a service.
The advantage of configuration is that it enables someone other than the developer (for example, a network administrator) to set parameters for client applications and services after the code is written, without having to recompile. Configuration not only enables you to set values such as endpoint addresses, but also provides further control by enabling you to add endpoints, bindings, and behaviors. It is possible to control an application through coding, configuration, or a combination of the two.
A contract is an interface that defines operations that your service will expose. WCF adopts a contract-first development approach that enables you to design your service independent of any implementation.
The data types that a service uses must be described in metadata to enable others to interoperate with the service. The descriptions of the data types are known as the data contract. The types can be used in any part of a message, for example, as parameters or return types. If the service is using only simple types, there is no need to explicitly use data contracts.
An endpoint is a construct at which messages are sent or received (or both). It contains the following parts.
- A location (an address) that defines where messages can be sent.
- A specification of the communication mechanism (a binding) that describes how messages should be sent.
- A definition for a set of messages that can be sent or received (or both) at that location (a service contract), which describes what messages can be sent.
A WCF service is exposed to the world as a collection of endpoints.
A fault contract can be associated with a service operation to denote errors that can be returned to the caller. An operation can have zero or more faults associated with it. These errors are SOAP faults that are modeled as exceptions in the programming model. The exception is converted into a SOAP fault that can then be sent to the client application.
A service must be hosted in a process. A host is an application that controls the lifetime of the service. Services can be self-hosted or managed by an existing hosting process.
A hosting process is an application that is designed to host services. These include Microsoft Internet Information Services (IIS), Windows Activation Service (WAS), and Windows Services. In these hosted scenarios, the host controls the lifetime of the service. For example, by using IIS, you can set up a virtual directory that contains the service assembly and configuration file. When a message is received, IIS starts the service and controls its lifetime.
An initiating operation is an operation that is called as the first operation of a new session. Noninitiating operations can be called only after at least one initiating operation has been called.
A service has an instancing model. There are three instancing models: “single,” in which a single common language runtime (CLR) object services all of the client applications; “per call,” in which a new CLR object is created to handle each client application call; and “per session,” in which a set of CLR objects is created, one for each separate session. The choice of an instancing model depends on the application requirements and the expected usage pattern of the service.
A message is a self-contained unit of data that may consist of several parts, including a body and headers.
A message contract describes the format of a message. For example, it declares whether message elements should go in headers or the body text, what level of security should be applied to which elements of the message, and so on.
message security mode
Message security mode specifies that security is provided by implementing one or more of the security specifications. Each message contains the necessary mechanisms to provide security during its transit, and to enable the receivers to detect tampering and to decrypt the messages. In this sense, the security is encapsulated within every message, providing end-to-end security across multiple hops. Because security information becomes part of the message, it is also possible to include multiple kinds of credentials with the message (these are referred to as claims). This approach also has the advantage of enabling the message to travel securely over any transport, including multiple transports between its origin and destination. The disadvantage of this approach is the complexity of the cryptographic mechanisms that are employed, which results in performance implications.
The metadata of a service describes the characteristics of the service that an external entity needs to understand to communicate with the service. Metadata can be consumed by the ServiceModel Metadata Utility Tool (Svcutil.exe) to generate a WCF client application and accompanying configuration that a client application can use to interact with the service. The metadata that is exposed by the service includes XML schema documents, which define the data contract of the service, and Web Services Description Language (WSDL) documents, which describe the methods of the service. When you enable the metadata property, metadata for the service is automatically generated by WCF by inspecting the service and its endpoints. To publish metadata from a service, you must explicitly enable the metadata behavior.
Any operations that you want to expose from your service to client applications must be decorated with the operation contract attribute in your service contract. The OperationContract attribute specifies additional information for each operation that is implemented by the service. The parameters, return value, and exceptions that are declared by the method that is annotated by the OperationContract attribute specify the information to include in the SOAP messages that are sent back and forth. The OperationContract attribute can also dictate some aspects of the security policy that the service implements for individual messages.
Security in WCF includes:
- Confidentiality (encryption of messages to prevent eavesdropping).
- Integrity (the means for detection of tampering with the message).
- Authentication (the means for validation of servers and client applications).
- Authorization (the control of access to resources).
These functions are provided either by using existing security mechanisms, such as Transport Layer Security (TLS) over HTTP (also known as HTTPS), or by implementing one or more of the various WS-* security specifications.
A self-hosted service is one that runs within a process application that the developer created. The developer controls its lifetime, sets the properties of the service, opens the service (which sets it into a listening mode), and closes the service.
Server affinity is the ability of a load-balancing system to route a user's requests either to a specific server or to any server, depending on whether session information is maintained on the server or at an underlying database level.
A service is a construct that exposes one or more endpoints, where each endpoint exposes one or more service operations.
A service operation is a procedure that is defined in a service's code that implements the functionality for an operation. This operation is exposed to client applications as methods on a WCF client application. The method may return a value and take an optional number of arguments, or take no arguments and return no response. For example, an operation that functions as a “Hello” can be used as a notification of a client application’s presence and to begin a series of operations.
WCF includes several system-provided bindings. These are collections of binding elements that are optimized for specific scenarios. For example, the `System.ServiceModel.WSHttpBinding` class is designed for interoperability with services that implement various WS-* specifications. These bindings save time by presenting only those options that can be correctly applied to the specific scenario. If one of these bindings does not meet your requirements, you can create your own custom binding.
A terminating operation is an operation that is called as the last message in an existing session. In the default case, WCF recycles the service object and its context after the session with which the service was associated is closed.
transport security mode
Security can be provided by one of three modes: transport security mode, message security mode, and transport with message credential security mode. The transport security mode specifies that confidentiality, integrity, and authentication are provided by the transport layer mechanisms (such as HTTPS). When you use a transport like HTTPS, this mode has the advantage of being efficient in its performance and well understood because of its prevalence on the Internet. The disadvantage is that this kind of security is applied separately on each hop in the communication path, which makes the communication susceptible to a “man-in-the-middle” attack.
transport with message credential security mode
This mode uses the transport layer to provide confidentiality, authentication, and integrity of the messages. Each of the messages can contain multiple credentials (claims) that are required by the receivers of the message.
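The three security modes defined in this glossary, shown as an added configuration example that is not part of the original page: one `wsHttpBinding` configuration per mode, each attached to its own endpoint of the same service. The service name `Example.OrderService`, the contract `Example.IOrderService`, the binding names, and the `svc.example.test` addresses are hypothetical.

```xml
<configuration>
  <system.serviceModel>
    <bindings>
      <wsHttpBinding>
        <!-- Transport mode: HTTPS supplies confidentiality, integrity and
             authentication, but only hop by hop. -->
        <binding name="transportOnly">
          <security mode="Transport">
            <transport clientCredentialType="Windows" />
          </security>
        </binding>
        <!-- Message mode: each SOAP message is signed and encrypted itself,
             so protection holds end to end over any transport. -->
        <binding name="messageOnly">
          <security mode="Message">
            <message clientCredentialType="Windows" />
          </security>
        </binding>
        <!-- Transport with message credential: HTTPS protects the channel,
             and the client credential (claim) travels inside the message. -->
        <binding name="transportWithCredential">
          <security mode="TransportWithMessageCredential">
            <message clientCredentialType="UserName" />
          </security>
        </binding>
      </wsHttpBinding>
    </bindings>
    <services>
      <!-- Hypothetical service: one contract, three endpoints. Each endpoint
           is an address, a binding and a contract. -->
      <service name="Example.OrderService">
        <endpoint address="https://svc.example.test/orders/transport"
                  binding="wsHttpBinding"
                  bindingConfiguration="transportOnly"
                  contract="Example.IOrderService" />
        <endpoint address="http://svc.example.test/orders/message"
                  binding="wsHttpBinding"
                  bindingConfiguration="messageOnly"
                  contract="Example.IOrderService" />
        <endpoint address="https://svc.example.test/orders/mixed"
                  binding="wsHttpBinding"
                  bindingConfiguration="transportWithCredential"
                  contract="Example.IOrderService" />
      </service>
    </services>
  </system.serviceModel>
</configuration>
```

The two modes that rely on the transport layer require an `https` address; the message-mode endpoint can use plain `http` because the protection is carried in each message.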
WS-* is shorthand for the growing set of Web-services specifications that are implemented in WCF, such as WS-Security, WS-Reliable Messaging, and so on.