By February 12, 2010

C# vs Java Part 3: The Frameworks (Network, Reflection, Security, Text)

Network Programming

Both C# and Java provide framework libraries for reading and writing data to a network.  Java is again hindered by the same kind of problems it has with file IO.  It is difficult to do network programming in Java.  Let's compare downloading a web page in both languages.



In this area, the .NET base library is much larger than Java.  I didn't really expect this would be the case, but when I compare and java.nio to, it is pretty clear that has a much larger range of functionality.  Without drilling down into too much detail, here are some of the things that are missing or obscured from Java base classes, which are available in C#/.NET:

  • FTP support
  • A base mail package, that doesn't have to be added separately.
  • TCP and UDP clients instead of using raw sockets
  • Ping
  • Peer to Peer

If we start to talk about Windows Communication Foundation (WCF), the divide grows much further.  WCF is much more than just a web services framework.  It is an adaptable distributed computing framework allowing a large range or protocols all abstracted from the business logic.  The clear winner in my opinion is C# and .NET here.


I have to admit, I am not that big of a fan of reflection.  I know it is “neato” and can do lots of cool things.  But I have seen too much “cool” reflection code that breaks when I use the refactor tool.  Sometimes though, even I have to admit, it is the only tool that will do the job.  When that is the case, you expect it to be easier than rocket science.  At least I do.

Java and C# both provide similar capabilities in reflection through the standard framework libraries.  With either language you can easily get a class, find out what methods are on that class and dynamically call them.  There is, however, one important difference which C# is able to provide through the use of Lamba Expressions.

I don't want to go into the technical details here because they are pretty complicated, but C# will basically allow strongly typed reflection through the use of LINQ to create an expression tree that will provide the information to strongly type the reflected information.  This is pretty cool, although I still don't like reflection.

One more point here, the dynamic keyword in .NET 4.0 probably belongs here because it is reflection-like.  It will allow for very easy COM interoperability and allow certain parts of C# code to be dynamically typed instead of static.


Both C# and Java frameworks are vast in areas of security.  Unfortunately, both are fairly complex and difficult to use or understand.  Couple this complexity with the changing demands of security and theories about security, spread across multiple platforms and deployment situations, and you get a mess.

Both choices have similar functionality in cryptography.  Both use provider models for authentication and support a wide variety of authentication services, including user defined services.  Both allow for role based security through a provider model.

The differences are what you would expect considering the language and framework targets.  C# and .NET are better equipped in a Windows environment and allow very easy use of windows authentication schemes and active directory.  Java is more flexible, allowing easier interoperability with multiple operating systems and authentication methods, but at the cost of a slightly more complex and burdensome API.  C# and .NET allow the usage of Code Access Security (CAS), which is a very complex concept that basically allows individual level rights to be applied to sections of code controlled from the machine configuration.  Unfortunately, this turned out to be overly complex and something that almost no one used correctly.  For that reason Microsoft is getting rid of the concept of CAS in .NET framework 4.0.

I really don't like either choice for Security at this point.  Both are confusing, and there are no clear-cut best practices for applying security to the application.  I think both frameworks have a way to go to make security something that is very easy to implement and understand.  We will probably see a large amount of churn in this area because of the changing needs of security, as we transition from a primarily web based application model to this mixed model, using applications that are able to run outside of the browser but start their life inside, and hybrid systems utilizing both.

Text Manipulation

At some point in time every developer faces this challenge.  For this reason, I consider it an important part of any framework.  Some of the most common problems involve parsing files, splitting strings, and searching for patterns.  While regular expressions is part of the equation, it is not the only tool for the job, and as frequently said

Some people, when confronted with a problem, think
“I know, I'll use regular expressions.”   Now they have two problems.

Let's take a look at String.  Very similar in Java and C#, but some subtle differences.  My first beef is that in Java I cannot do “string1” == “string2”.  In C#, this is fine because it ends up just calling the .equals.  Having done a large amount of string comparisons in Java, after having been able to do them with == in C#, I can say this is really annoying.  I have to say though, I do like the substring better in Java than C#.  In C#, substring takes the beginning index and the number of characters to grab.  In Java, substring takes the beginning index and the ending index.  Much more often I have found that I know a beginning and ending index rather than a length.  Often in C# you will have to write confusing code like

Which is pretty confusing and I am always wondering if I am off by 1.  C# provides a method String.IsNullOrEmpty, which is very useful.  4.0 will provide IsNullOrWhitespace, which will be even more useful.  In Java, you have to check for null and empty separately, or write your own and then curse everyone for not using it.  String.Format is also nicer in C# vs Java.  I like being able to do String.Format(“The number {0} plus {1} is equal to {2}”, “one”, 3, “four”) vs in Java using String.Format(“The number %s plus %d is equal to %s”, “one”, 3, “four”);

Both languages have string builders.  In C# I tend to use string.split, because it is easy and in Java I tend to use StringTokenizer, because I am always afraid I am going to insert an accidental regular expression in the Java String.split method.  Regular expressions are supported in both frameworks, although I think it is slightly easier to use the regular expressions in Java, while C# regular expressions are more powerful.  I couldn't find a way to do a named capture in Java regular expressions.

Final words

In my mind, C#'s .NET framework is a little larger and easier to use than the standard Java framework.  I don't think they are very far apart in functionality or ease-of-use in most areas, but there are some notable areas where .NET stands out.  I don't have the time or knowledge to cover all the various aspects of the two languages across all possible comparison avenues, but I have tried to focus on what I think is important as a developer.  I am currently developing mostly in Java, but not too long ago I was developing mostly in C#, so I feel I can make some good judgments between the two.  In my final part of this series I will talk about the tooling support for Java and C#, then I will move onto more interesting things.  (I am starting to get sick of talking about Java vs C#.)

C# vs Java Part 1: Language

C# vs Java Part 2: Platforms

C# vs Java Part 3: Frameworks

About the author

John Sonmez

John Sonmez is the founder of Simple Programmer and a life coach for software developers. He is the best selling author of the book "Soft Skills: The Software Developer's Life Manual."