Lesson 15 SOA with REST (Part II)

Similar documents
Lesson 14 SOA with REST (Part I)

RESTful Web Services vs. Big Web Services: Making the Right Architectural Decision

Lesson 5 Web Service Interface Definition (Part II)

Lesson 3 SOAP message structure

04 Webservices. Web APIs REST Coulouris. Roy Fielding, Aphrodite, chp.9. Chp 5/6

RESTful Services. Distributed Enabling Platform

Implementing a Ground Service- Oriented Architecture (SOA) March 28, 2006

Services Web Nabil Abdennadher

ReST 2000 Roy Fielding W3C

Distribution and web services

HTTP, REST Web Services

Lesson 13 Securing Web Services (WS-Security, SAML)

Develop Mobile Front Ends Using Mobile Application Framework A - 2

WWW, REST, and Web Services

IEC : Implementation Profile

AIM Enterprise Platform Software IBM z/transaction Processing Facility Enterprise Edition 1.1.0

BEAAquaLogic. Service Bus. JPD Transport User Guide

Service Interface Design RSVZ / INASTI 12 July 2006

RESTful Web Service Composition with JOpera

Web Services Chapter 9 of Coulouris

BEAAquaLogic. Service Bus. Interoperability With EJB Transport

C exam. IBM C IBM WebSphere Application Server Developer Tools V8.5 with Liberty Profile. Version: 1.

Fast Track to Java EE

RESTful API Design APIs your consumers will love

REST Easy with Infrared360

RESTful Web services

MSc. Software Engineering. Examinations for / Semester 1

INF5750. RESTful Web Services

What protocol to choose

WebSphere MQ Update. Paul Dennis WMQ Development 2007 IBM Corporation

SUN. Java Platform Enterprise Edition 6 Web Services Developer Certified Professional

There is REST and then there is REST. Radovan Semančík November 2017

A Comparison of Service-oriented, Resource-oriented, and Object-oriented Architecture Styles

Oracle Developer Day

Distributed Systems. Web Services (WS) and Service Oriented Architectures (SOA) László Böszörményi Distributed Systems Web Services - 1

Architectural patterns and models for implementing CSPA

: ESB Implementation Profile

JAVA COURSES. Empowering Innovation. DN InfoTech Pvt. Ltd. H-151, Sector 63, Noida, UP

Simple Object Access Protocol (SOAP) Reference: 1. Web Services, Gustavo Alonso et. al., Springer

Web Services in Cincom VisualWorks. WHITE PAPER Cincom In-depth Analysis and Review

SHORT NOTES / INTEGRATION AND MESSAGING

describe the functions of Windows Communication Foundation describe the features of the Windows Workflow Foundation solution

Goal: Offer practical information to help the architecture evaluation of an SOA system. Evaluating a Service-Oriented Architecture

UNITE 2003 Technology Conference

IEC Overview CIM University UCAIug Summit Austin, TX. 18 November 2011

IEC Implementation Profiles for IEC 61968

Copyright 2014 Blue Net Corporation. All rights reserved

BEAAquaLogic. Service Bus. MQ Transport User Guide

Introduction to Web Services & SOA

Naming & Design Requirements (NDR)

ENTERPRISE SOA CONFERENCE

Lesson 19 Software engineering aspects

WA1670 SOA Testing Workshop. Student Labs. Web Age Solutions Inc.

A RESTful Approach to the Management of Cloud Infrastructure. Swit Phuvipadawat Murata Laboratory

REST for SOA. Stefan Tilkov, innoq Deutschland GmbH

REST. And now for something completely different. Mike amundsen.com

CICS solutions White paper Delivering e-business access to CICS: strategic options.

Web Services Development for IBM WebSphere Application Server V7.0

IBM Exam IBM WebSphere DataPower SOA Appliances Firmware V5.0 Solution Implementation Version: 6.0 [ Total Questions: 75 ]

Java Web Service Essentials (TT7300) Day(s): 3. Course Code: GK4232. Overview

SOAP. Jasmien De Ridder and Tania Van Denhouwe

Understanding RESTful APIs and documenting them with Swagger. Presented by: Tanya Perelmuter Date: 06/18/2018

Lisa Banks Distributed Systems Subcommittee

Open XML Gateway User Guide. CORISECIO GmbH - Uhlandstr Darmstadt - Germany -

What Is Service-Oriented Architecture

Introduction to Web Services & SOA

Enterprise Integration Using IEC

edocs Home > BEA AquaLogic Service Bus 3.0 Documentation > Accessing ALDSP Data Services Through ALSB

IBM Software Group. IBM WebSphere MQ V7.0. Introduction and Technical Overview. An IBM Proof of Technology IBM Corporation

ACORD Web Services Profile: 2.0 vs. 1.0

BEAAquaLogic. Service Bus. Native MQ Transport User Guide

UNITE 2007 Technology Conference

Realisation of SOA using Web Services. Adomas Svirskas Vilnius University December 2005

IBM Integration Bus v9.0 System Administration: Course Content By Yuvaraj C Panneerselvam

Aim behind client server architecture Characteristics of client and server Types of architectures

WSRP Web Services for Remote Portlets

Etanova Enterprise Solutions

PS/2 Web Services

J2EE APIs and Emerging Web Services Standards

SEMI North America XML Messaging with E128

Enterprise SOA Experience Workshop. Module 8: Operating an enterprise SOA Landscape

WS-* vs. REST: Mashing up the Truth from Facts, Myths and Lies

1Z Java EE 6 Web Services Developer Certified Expert Exam Summary Syllabus Questions

An introduction API testing with SoapUI

Foundations of Python

XML Web Service? A programmable component Provides a particular function for an application Can be published, located, and invoked across the Web

What is REST? ; Erik Wilde ; UC Berkeley School of Information

J2EE Development. Course Detail: Audience. Duration. Course Abstract. Course Objectives. Course Topics. Class Format.

CO Java EE 7: Back-End Server Application Development

Connecting Enterprise Systems to WebSphere Application Server

Asynchronous and Synchronous Messaging with Web Services and XML Ronald Schmelzer Senior Analyst ZapThink, LLC

Synchronization of Services between the IBM WebSphere Services Registry & Repository and SAP s Services Registry

Designing RESTful Web Applications. Ben Ramsey

BPEL Research. Tuomas Piispanen Comarch

ORACLE INTRODCUTION. Service Bus 11g For the Busy IT Professional. munz & more Dr. Frank Munz November getting started

This presentation is a primer on WSDL Bindings. It s part of our series to help prepare you for creating BPEL projects. We recommend you review this

Web services (GSE NL)

MTAT Enterprise System Integration. Lecture 2: Middleware & Web Services

Customizing a Packaged Application for a J2EE Environment: A Case Study. Leslie Tierstein TopTier Consulting, Inc.

Service oriented Middleware for IoT

Transcription:

Lesson 15 SOA with REST (Part II) Service Oriented Architectures Security Module 3 - Resource-oriented services Unit 1 REST Ernesto Damiani Università di Milano

REST Design Tips 1. Understanding GET vs. POST vs. PUT 2. Multiple Representations Content-Type Negotiation 3. Exception Handling Idempotent vs. Unsafe

POST vs. GET GET is a read-only operation. It can be repeated without affecting the state of the resource (idempotent) and can be cached POST is a read-write operation and may change the state of the resource and provoke side effects on the server Web browsers warn you when refreshing a page generated with POST

POST vs. PUT What is the right way of creating resources (initialize their state)? Problem: How to ensure resource {id} is unique? (Resources can be created by multiple clients concurrently) Solution: let the server compute the unique id

Content Negotation (Conneg) Negotiating the message format does not require to send more messages 1. The client lists the set of format (MIME types) that it understands 2. The server chooses the most appropriate one for the reply

Forced Content Negotiation The generic URI supports content negotiation The specific URI points to a specific representation format using the postfix Warning: This is a conventional best practice (not a standard)

Exception Handling

Idempotent vs. Unsafe (1) Idempotent requests can be processed multiple times without side effects (the state of the server does not change) If something goes wrong (server down, server internal error), the request can be simply replayed until the server is back up again

Idempotent vs. Unsafe (2) Unsafe requests modify the state of the server and cannot be repeated without further effects: Unsafe requests require special handling in case of exceptional situations (e.g., state reconciliation) In some cases the API can be redesigned to use idempotent operations:

Comparing WS-* vs. REST?

RESTful Web Application: example

Web Service Example (from REST perspective)

Main difference: REST vs. SOAP (1) The Web is the universe of globally accessible information (Tim Berners Lee) Applications should publish their data on the Web (through URI)

Main difference: REST vs. SOAP (2) The Web is the universal transport for messages Applications get a chance to interact but they remain outside of the Web

REST as a connector

Stateless or Stateful? REST provides explicit state transitions Communication is stateless Resources contain data and links representing valid state transitions Clients maintain state correctly by following links in generic manner Techniques for adding session to HTTP: Cookies (HTTP Headers) URL Re-writing Hidden Form Fields

What about service description? REST relies on human readable documentation that defines requests URIs and responses (XML, JSON) Interacting with the service means hours of testing and debugging URIs manually built as parameter combinations. (Is it really that simpler building URIs by hand?) Why do we need strongly typed SOAP messages if both sides already agree on the content? WADL proposed Nov. 2006 XML Forms enough?

What about security? (1) REST security is all about HTTPS Proven track record (SSL1.0 from 1994) Secure, point to point communication (Authentication, Integrity and Encryption)

What about security? (2) SOAP security extensions defined by WS-Security (from 2004) XML Encryption (2002) XML Signature (2001) Implementations are starting to appear now Full interoperability moot Performance? Secure, end-to-end communication Selfprotecting SOAP messages (does not require HTTPS)

What about asynchronous reliable messaging? (1) Although HTTP is a synchronous protocol, it can be used to simulate a message queue

What about asynchronous reliable messaging? (2) SOAP messages can be transferred using asynchronous transport protocols and APIs (like JMS, MQ, ) WS-Addressing can be used to define transportindependent endpoint references WS-ReliableExchange defines a protocol for reliable message delivery based on SOAP headers for message identification and acknowledgement

SOAP and REST RESTafarians would like Web services to use and not to abuse the architecture of the Web Web Services more valuable when accessible from the Web Web more valuable when Web Services are a part of it W3C Workshop on Web of Services for Enterprise Computing, 27-28 February 2007 with IBM, HP, BEA, IONA, Yahoo, Sonic, Redhat/JBoss, WSO2, Xerox, BT, Coactus Consulting, Progress Software, and others

REST and SOAP Similarities Existing Web applications can gracefully support both traditional Web clients (HTML/POX) and SOAP clients in a RESTful manner MIME Type: application/soap-xml SOAP with document/literal style not so different from REST (or at least HTTP/POX) - apart from the GET/POST misuse and the extra <envelope><header><body> tags in the payload

Debunking the Myth (1) Many RESTafarians have taken the position that REST and Web services are somehow incompatible with one another Fact: recent versions of SOAP and WSDL have been designed specifically to enable more RESTful use of Web services SOAP1.2 SOAP1.2 Response MEP Web Method

Debunking the Myth (2) WSDL2.0 HTTP binding permits assigning verbs (GET, POST, etc.) on a per-operation basis Attribute to mark an operation as safe (and thus cacheable) Unfortunately, the implementations of Web services runtimes and tooling have made RESTful use of Web services difficult

Conclusion and Outlook (1) Service-Oriented Architecture can be implemented in different ways You should generally focus on whatever architecture gets the job done and recognize the significant value of open standards but try to avoid being religious about any specific architectures or technologies The right steps have been taken in the development of some of the more recent WS-* specifications to enable this vision to become reality

Conclusion and Outlook (2) SOAP and the family of WS-* specifications have their strengths and weaknesses and will be highly suitable to some applications and positively terrible for others. Likewise with REST. The decision of which to use depends entirely on the circumstances of the application In the near future there will be a single scalable middleware stack, offering the best of the Web in simple scenarios, and scaling gracefully with the addition of optional extensions when more robust quality of service features are required

References FINE

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback