Which SQL statement is faster? (EXISTS or IN …)

Based on Question asked in MSDN Forum

  1.  IN is efficient when most of the filter criteria is in the sub-query.
  2.  EXISTS is efficient when most of the filter criteria is in the main query.
  3.  Usually IN has the slowest performance.

For more you can refer Join vs Exists vs In (SQL)IN vs. JOIN vs. EXISTS

Which SQL statement is faster? (HAVING vs. WHERE…)

If a condition refers to an aggregate function, put that condition in the HAVING clause. Otherwise, use the WHERE clause.

You can use HAVING but recommended you should use with GROUP BY.

SQL Standard says that WHERE restricts the result set before returning rows and HAVING restricts the result set after bringing all the rows. So WHERE is faster.

About InstanceContextMode in WCF

InstanceContextMode tells how the instanceContext object need maintain/handle/available for the incoming messages.

What is the Use of InstanceContextMode?

Basically it tell how the object create for the request/response must be handle across the service.

In our Business requirement let see what are all different type of requirement you may face

1) For some of you request you may need to maintain information for the each user and its scope of information is limited to each user (SESSION)

EX:- While a client request to service first time new instance will get created after that request come form same client will handle by the same instance until it gets disconnected/Expired.

2) Some time you need to maintain the information common to all user request to share the information across all the clients

EX: Update each share value to the requested users.

3) Some other request just you want to pass information to service, which may return the value back to client or may not based on your need.

Let see how we can implement it using WCF InstanceContextMode
There are 3 different type of InstanceContextMode

1) PerCall
– For every request separate InstanceContext object gets created and destroyed after respond back to the client, just Request/Response pattern.
– Decorate [ServiceBehaviour(InstanceContextMode=InstanceContextMode.PerCall)] for the class that you want to include the InstanceContextMode.

2) PerSession
– When first time request comes from the client new object will gets created, after that when ever subsequent call comes from the same client, the request are handle by the same instance object. This object will alive in service untill the client get disconnect or that instance object goes to ideal mode for some time. Default session expire time is 10 min.
– Decorate [ServiceBehaviour(InstanceContextMode=InstanceContextMode.PerSession)] for the class that you want to include the InstanceContextMode.

3) Single
– This object is global for all the request/response. When ever new request are comes from the client it won;t create new instance because of that performance gets improved.
– Decorate [ServiceBehaviour(InstanceContextMode=InstanceContextMode.Single)] for the class that you want to include the InstanceContextMode.


You need to decorate corresponding servicebehaviour attribute in the class, else it will behave as request/response fromat and also based on how you create object in client side to call the service.

To download the sample code click here

Callback in WCF using wsDualHttpBinding

When shall we go for wsDualHttpBinding?

Your service need to perform lot of operation after getting the information from the client side, which consume more time to return result back to the client.

Normally time consuming operation in server side will block the client to perform other operation. So  ‘wsDualHttpBinding’ will be ideal solution for this kind of problem.

Suppose if your client not depend on the result produce by the service at that time we can go for ‘wsDualHttpBinding’ .

If you need to implement callback between client and service at that time we can go for ‘wsDualHttpBinding’.

Because of some operation (or) result taking place in server side must not affect the client side access or other request the ideal choice is ‘wsDualHttpBinding’

wsDualHttpBinding is binding which sends the request in one http channel and response will be sent back to the client in another http channel


If you are using ‘dualHttpBinding’ you need to create two interface one interface is to get the request from the client and one more is send the response back to the client as callback

The below mentioned interface is to send the response back to the client and the ‘OperationalContract’ used to send the response back to the client must be decorated with the property ‘IsOneWay=true’ as shown below.


Another Interface mentioned below is to get the request from the client, this interface  must also be decorated with the property ‘IsOneWay=true’  inside the ‘OperationalContract’ attribute as mentioned below. Also we need to refer using which interface (or) channel we are going to send the response back to the client. We already declare the callback interface now need to establish relationship with the ‘ServiceContract’ as mentioned below.


In the above code we are mentioned ‘INotificationServiceCalback’ as the callback interface by using ‘CallbackContract’ property of ServiceContract.


In the web.Config we need to specify ‘wsDualHttpBinding’ in the binding property.



The Implementation of service contract


You can find the Code sample here

ASP.NET 5 Preview runtime

ASP.NET 5 includes the following features:

1) New flexible and cross-platform runtime
2) New modular HTTP request pipeline
3) Cloud-ready environment configuration
4) Unified programming model that combines MVC, Web API, and Web Pages
5) Ability to see changes without re-building the project
6) Side-by-side versioning of the .NET Framework
7) Ability to self-host or host on IIS
8) New tools in Visual Studio 2015
9) Open source in GitHub


Here are some helpful links to get you started with ASP.NET 5 Preview:


For more information ASP.NET 5 Overview

Cross-Origin Request Blocked: ASP.NET MVC


While i try to call the Web-Api service through JQuery, i am unable to receive the complex type collection in my client side, it throws error message in my console table of my browser as below.



Add the below code in WEB-API project web.config file

            <!-- Adding the following custom HttpHeader will help prevent CORS from stopping the Request-->
            <add name="Access-Control-Allow-Origin" value="*" />


For source and more detail click here

Getting Started – Git

List of HTTP response status codes

Application that we developed sometime unexpectedly show error message or some time during debugging need to identify the status of the request. To identify the type of error or response status codes very first thing will see the error code returned by the page. Based on the response status code we can narrow down the error type or identify the status of the request like Success/failure.

Basically we can group the response status code in 4 different types
1) Informational (1XX)
2) Success (2XX)
3) Redirection (3XX)
4) Client (4XX)


Each group have different type of status code for more you can reffer here

Highlight about OAuth2.0

OAuth 2.0 is an open authorization protocol through this you can access the resources of currently logged in user along with there permission,from the resource server, without having to give their username and password directly to the your app

OAUTH have 4 different pieces of role

1) Resource Owner (User)
End user or person who access the ‘Client Application’ provide permission to access their protected information over the Resource Server.
2) Resource server
Serving the protected user’s information, based on the requested token_access.
3) Client Application
Request the Resource server behalf of the Resource Owner along with the authorization.
4) Authorization server
It will issue the ‘token_access’ as response back to ‘client application’ after successful ‘authentication and authorization’ of resource owner

OAUTH  WorkFlow

WorkFlow of Oauth


To access the ‘Resource Owner’ information from Resource Server Client Application need ‘access_token’ as the indication of ‘Resource Owner’ Authorization called ‘Authorization_Grant’.

Before a client application can request access to resources on a resource server, the client application must first register with the authorization server associated with the resource server.
The client ID and secret is unique to the client application on that authorization server.
Whenever the client application requests access to resources stored on that same resource server, the client application needs to authenticate itself by sending along the client ID and the client secret to the authorization server.

There are 4 type of authorization grants
1) Authorization Code
Instead of getting authorization directly from the resource owner, the client directs the resource owner to an authorization server,which in turn directs the resource owner back to the client with the authorization code.

Note:-authorization code is obtained by using an authorization server as an intermediary between the client and resource owner.

2) Implicit
It is optimized authorization code flow implemented in a browser using a scripting language like Java script. Here instead of issuing intermediate authorization code ‘Client server’ directly gets access_token. It improve the responsiveness and efficiency by reduce the number of round trip to obtain the access_token.

3) Resource Owner Password Credentials
It can be used directly as an authorization grant to obtain an access_token.It should only be used when there is a high degree of trust between the resource owner and the client.

4) Client Credentials
It can be used as an authorization grant when the authorization scope is limited to the protected resources under the control of the client.

OAUTH Endpoints:-
The authorization process utilizes two authorization server endpoints

1) Authorization endpoint
It will be on the authorization server where the resource owner server grants authorization to the client application.
2) Token endpoint
Client application obtain an access token by passing authorization code along with client id, client secret. It is taken place at the resource server side.
3) Redirection endpoint
Once client application is granted with authorization at the authorization endpoint, the resource owner will be redirected to the specified page of client application.

Overview of OAUTH

In our modern web development login to the web application to access the resources takes different forms in last few years. Since from 2009 we can able to see many sites facilitate their users  by providing third party authentication/authorization. The main use of this 3rd party authentication/authorization is they no need to create there information with each client application. Just they can make use of their existing user account from different resource server(Facebook,twitter,linkedin…)

Most of the 3rd party authentication/authorization provides are from social networking/commercial web application one of main advantage here is they can easily share their information with other over the network.Currently there are more number of 3rd party authentication/authorization provides, in the developer stand if we need to integrate each provides in this point OAUTH come into picture.

OAUTH is a common standard implemented by the each 3rd party provides to implement with out application. OAUTH provide the secure way of access the resource information need for client application.Through OAUTH user can authentication/authorization the client application to access there information without sharing there credential. As per the specification of OAUTH the communication happen client application and resource server through access_token.

List of popular 3rd party provides using OAUTH

1) Facebook
2) Google
3) twitter
4) LinkedIn
5) Microsoft
6) Yammer
7) Instagram
8) PayPal

%d bloggers like this: