RESTful Web Services. Stefan Marr. Agenda. What is REST? The Bookmark Example. Principles of REST Web Service Design. Semantic of HTTP/1.

Similar documents
REST web services. Representational State Transfer Author: Nemanja Kojic

Designing RESTful Web Applications

A Comparison of Service-oriented, Resource-oriented, and Object-oriented Architecture Styles

SOA and Virtualization Technologies (ENCS 691K Chapter 2)

REST vs. SOAP: Making the Right Architectural Decision

A Comparison of Service-oriented, Resource-oriented, and Object-oriented Architecture Styles

The presentation explains how to create and access the web services using the user interface. WebServices.ppt. Page 1 of 14

Server based signature service. Overview

Guidelines for Implementation of REST

Service Computing: Basics Monica Scannapieco

Introduction to UDDI: Important Features and Functional Concepts

Method of Unified Communications and Collaboration Service in Open Service Platform based on RESTful Web Services

An introduction to creating Web 2.0 applications in Rational Application Developer Version 8.0

Session 6 Patterns and best practices in SOA/REST

Consuming and Producing Web Services with WST and JST. Christopher M. Judd. President/Consultant Judd Solutions, LLC

Easy configuration of NETCONF devices

T320 E-business technologies: foundations and practice

Introduction to Service Oriented Architectures (SOA)

The end. Carl Nettelblad

WEB SERVICES TEST AUTOMATION

Service Oriented Architecture

XIII. Service Oriented Computing. Laurea Triennale in Informatica Corso di Ingegneria del Software I A.A. 2006/2007 Andrea Polini

Enabling REST Services with SAP PI. Michael Le Peter Ha

Distribution and Integration Technologies

Task 20 : The SOA approach

REST Web Services in Collaborative Work Environments

Web Service Facade for PHP5. Andreas Meyer, Sebastian Böttner, Stefan Marr

Integrating Complementary Tools with PopMedNet TM

Internationalization and Web Services

Consuming and Producing Web Services with Web Tools. Christopher M. Judd. President/Consultant Judd Solutions, LLC

Literature Review Service Frameworks and Architectural Design Patterns in Web Development

Simplifying Processes Interoperability with a Service Oriented Architecture

Java Security Web Services Security (Overview) Lecture 9

Lesson 4 Web Service Interface Definition (Part I)

Emerging Technologies Shaping the Future of Data Warehouses & Business Intelligence

Some REST Design Patterns (and Anti-Patterns)

EUR-Lex 2012 Data Extraction using Web Services

Web-Based Hazus-MH. A Conceptual Approach. Mourad Bouhafs, AVP ATKINS Atlanta mourad.bouhafs@atkinsglobal.com

Grid Computing. Web Services. Explanation (2) Explanation. Grid Computing Fall 2006 Paul A. Farrell 9/12/2006

Setting the World on FHIR

B6: GET /started/with/ HTTP Analysis

Ole Lensmar CTO SmartBear Software PAST, PRESENT AND FUTURE OF APIS FOR MOBILE AND WEB APPS

Copyright 2012, Oracle and/or its affiliates. All rights reserved.

Resource Oriented Architecture and REST

September 2009 Cloud Storage for Cloud Computing

Lightweight Data Integration using the WebComposition Data Grid Service

Service-Oriented Architectures

HexaCorp. White Paper. SOA with.net. Ser vice O rient ed Ar c hit ecture

Progress OpenEdge REST

Term Paper. P r o f. D r. E d u a r d H e i n d l. H o c h s c h u l e F u r t w a n g e n U n i v e r s i t y. P r e s e n t e d T o :

STUDY ON IMPROVING WEB SECURITY USING SAML TOKEN

Middleware and the Internet. Example: Shopping Service. What could be possible? Service Oriented Architecture

AJAX Integration Approach for Collaborative Calendar-Server Web Services

Security Testing For RESTful Applications

What is a Web service?

Contents. 2 Alfresco API Version 1.0

Web application development landscape: technologies and models

Cloud Computing & Service Oriented Architecture An Overview

ActiveVOS Server Architecture. March 2009

How To Write A Web Server In Javascript

How To Understand A Services-Oriented Architecture

Blogging. Wordpress.com Weebly.com Penzu.com Blog.com Wix.com Blogger

Motivation Definitions EAI Architectures Elements Integration Technologies. Part I. EAI: Foundations, Concepts, and Architectures

Solution Showcase Session. Enterprise 2.0 Computing Services

Secure Authentication and Session. State Management for Web Services

Secure Semantic Web Service Using SAML

Core Feature Comparison between. XML / SOA Gateways. and. Web Application Firewalls. Jason Macy jmacy@forumsys.com CTO, Forum Systems

SOA REFERENCE ARCHITECTURE: WEB TIER

BPMN for REST. Cesare Pautasso Faculty of Informatics, USI Lugano, Switzerland

02267: Software Development of Web Services

WEB SERVICES. Revised 9/29/2015

SoapUI NG Pro and Ready! API Platform Two-Day Training Course Syllabus


SOA Planning Guide The Value Enablement Group, LLC. All rights reserved.

Run-time Service Oriented Architecture (SOA) V 0.1

SyncML Device Management

Architectural Requirements for an SOA Based on Web Services. Jim Bole VP, Engineering Infravio, Inc. April 23, 2003

Digital Signature Web Service Interface

Techniques for Composing REST services

Lecture Overview. Web 2.0, Tagging, Multimedia, Folksonomies, Lecture, Important, Must Attend, Web 2.0 Definition. Web 2.

XML Processing and Web Services. Chapter 17

Web Design Technology

Standards, Tools and Web 2.0

JAVA API FOR XML WEB SERVICES (JAX-WS)

SwiftScale: Technical Approach Document

Web Services Development Guide: How to build EMBRACE compliant Web Services Version 2.0, 13 December 2006

Rich-Internet Anwendungen auf Basis von ColdFusion und Ajax

Firewall Builder Architecture Overview

Middleware and the Internet

SmartTV User Interface Development for SmartTV using Web technology and CEA2014. George Sarosi

sessionx Desarrollo de Aplicaciones en Red Web Applications History (1) Content History (2) History (3)

Performance Testing for Ajax Applications

Implementing Mobile Thin client Architecture For Enterprise Application

REST (Representa.onal State Transfer) Ingegneria del So-ware e Lab. Università di Modena e Reggio Emilia Do<. Marzio Franzini

e-gov Architecture Service Interface Guidelines

MUSICIAN WEB-SERVICE USING RUBY-ON-RAILS, SOAP, FLEX & AJAX

How to consume a Domino Web Services from Visual Studio under Security

Chapter 2: Cloud Basics Chapter 3: Cloud Architecture

SOA, case Google. Faculty of technology management Information Technology Service Oriented Communications CT30A8901.

KMx Enterprise: Integration Overview for Member Account Synchronization and Single Signon

Transcription:

RESTful Web Services Stefan Marr Agenda What is REST? The Bookmark Example Principles of REST Web Service Design Semantic of HTTP/1.1 Operations SOAP vs. REST Style Assets and Drawbacks Security Public Web Services HPI, Seminar Advanced Database Technology - WS0506 / 2

What is REST? Representational State Transfer Term coined by Roy Fielding [REST00] Resource (item of interest) Representation of resource at URI places client in a state Hyperlinks are transitions between states Services itself should be stateless The name Representational State Transfer is intended to evoke an image of how a well-designed Web application behaves: a network of web pages (a virtual state-machine), where the user progresses through an application by selecting links (state transitions), resulting in the next page (representing the next state of the application) being transferred to the user and rendered for their use. Roy Fielding HPI, Seminar Advanced Database Technology - WS0506 / 3 What is REST? Architectural style, not a standard The Way the Web works, made it successful Largest distributed application ever created Stateless client/server architecture Small set of operations applied to all resources GET, POST, PUT, DELETE Shared set of media-types Being explicit Identify persistent resources with URIs Including artifact resources and application states Allows ing, link-sharing resource-centric view versus remote operations R HPI, Seminar Advanced Database Technology - WS0506 / 4

The Bookmark Example Example for designing a web service the REST way Four basic questions What are the resources? What are the representations? What methods are supported at each resource? What status codes could be returned? What are the resources? Should be nouns, not verbs A single Collections of s Lists of keywords A user profile HPI, Seminar Advanced Database Technology - WS0506 / 5 Principles of REST Web Service Design 1. Identify all conceptual entities to be exposed as services single, collection, keyword list 2. Create a URL to each resource http://www.example.org/testuser//45 Avoid RPC style and using verbs /s/getbookmark?user=testuser&id=45 3. Categorize resources according to available operations GET, PUT, POST, DELETE 4. Resources accessible via HTTP GET should be side-effect free HPI, Seminar Advanced Database Technology - WS0506 / 6

Principles of REST Web Service Design 5. No representation should be an island Put hyperlinks into resource representations Enables clients to obtain related or additional information. 6. Design to reveal data gradually Not everything in a single response document Provide hyperlinks to obtain more details 7. Specify the format of response data using a schema (DTD, XSD, ) For POST and PUT services provide a request specification 8. Describe how to invoke services using a WSDL, or an HTML document HPI, Seminar Advanced Database Technology - WS0506 / 7 The Bookmark Example Define URI space for the resources URI [user]//[id] [user]//newest [user]/s/ [user]/s/tags/[tag]/ [user]/keywords/ [user]/profile all/s/ Type of resource collection collection keyword list user profile collection Description A single for "user" The most recent for "user" The 20 most recent s for "user" The 20 most recent s for "user" that were filed in the category "tag" A list of all the "tags" a user has ever used Information about a user The 20 most recent s in the system HPI, Seminar Advanced Database Technology - WS0506 / 8

The Bookmark Example - What are the representations? Define a representation XBEL - The XML Bookmark Exchange Language <?xml version="1.0"?> <!DOCTYPE xbel PUBLIC "+//IDN python.org//dtd XML Bookmark Exchange Language 1.0//EN//XML" "http://www.python.org/topics/xml/dtds/xbel-1.0.dtd"> <xbel version="1.0"> < href="http://www.xml.com/pub/a/2005/02/09/xml-http-request.html"> <title>very Dynamic Web Interfaces</title> <desc>using XMLHttpRequest to build dynamic web interfaces.</desc> <info> <metadata owner="http://example.com/docu/xbel/baseuri"> http://example.com/testuser//23 </metadata> <metadata owner="http://example.com/docu/xbel/tags"> <tags><tag>xml</tag><tag>ajax</tag></tags> </metadata> </info> </> </xbel> HPI, Seminar Advanced Database Technology - WS0506 / 9 Semantic of HTTP/1.1 Operations GET retrieve whatever information (in the form of an entity) is identified by the Request-URI Retrieve representation, shouldn t result in data modification POST request that the origin server accept the entity enclosed in the request as a new subordinate of the resource identified by the Request-URI Annotation of existing resources, extending a database through an append operation Posting a message to a bulletin board, or group of articles Providing a block of data (e.g. form data) to a data-handling process Used to change state at the server in a loosely coupled way PUT requests that the enclosed entity be stored under the supplied Request-URI, create/put a new resource Used to set some piece of state on the server DELETE requests that the origin server deletes the resource identified by the Request-URI HPI, Seminar Advanced Database Technology - WS0506 / 10

The Bookmark Example What methods are supported at each resource? Decide which methods should be available Single s Method GET PUT DELETE Representation XBEL document for a single XBEL document for a single none Description Get a [user]//[id] [user]//newest Update a at [user]//[id] Or insert a at [user]//newest Delete a at [user]//[id] HPI, Seminar Advanced Database Technology - WS0506 / 11 The Bookmark Example Bookmark collections Method GET POST Representation XBEL document for a collection XBEL document for a single Description Get a collection of s [user]/s/ [user]/s/tags/[tag]/ Add to a collection [user]/s/ HPI, Seminar Advanced Database Technology - WS0506 / 12

The Bookmark Example Keyword lists and user data Method GET GET POST Representation keyword list document user profile document partial user profile May be multipart/form-data encoded Description Get a list of all used keywords [user]/keywords/ Get the user profile [user]/profile Update some detail of user profile with an html form [user]/profile What status codes could be returned? 201 on successful creation of a Standard codes 200 OK and 3xx, 4xx, 5xx for redirection, errors, etc. HPI, Seminar Advanced Database Technology - WS0506 / 13 SOAP vs. REST Style Criticism on SOAP from REST point of view Redefines semantic of HTTP operations Doesn t comply with web architecture POST a SOAP message to a URI POST is meant to add a subordinate to a resource SOAP Requests i.e. a method call Using Status Code 200 for SOAP Errors SOAP 1.2 Binding of SOAP to HTTP intended to make appropriated use of HTTP as application protocol It is possible to retrieve a application state via GET Correct usage of status codes (200, 4xx, 5xx) Pro SOAP Rigid strong typing, interface contract Rich support, tools for code and modeling HPI, Seminar Advanced Database Technology - WS0506 / 14

REST Assets and Drawbacks Assets Development and testing without complex toolkits Debugging of REST requests with a web browser Requires a basic HTTP client, available in every common language REST services can be easily used by AJAX applications APIs in REST style are more consumable then complex APIs Lower learning curve for consumer Everything accessible through universal API Drawbacks Only few tools Restrictions for GET length sometimes may be a problem No direct bridge to the OOP world Difference between REST and RPC style may be subtle sometimes, but not necessarily in general case HPI, Seminar Advanced Database Technology - WS0506 / 15 Security with REST Firewall Operations based on URIs and HTTP methods Can be filter by firewalls No need to inspect and parse e.g. SOAP Server Side Simple ACL based security possible Security and authentication through HTTP(S) Request and response data may be secured by OASIS Web Services Security HPI, Seminar Advanced Database Technology - WS0506 / 16

Public Web Services Amazon http://www.amazon.com/gp/browse.html/ref=sc_fe_l_3/102-5668266-0869764?&node=3487571 Complete API in both flavors Ebay http://developer.ebay.com/ REST API only to access public information Full support only available over SOAP and a proprietary XML API Google http://www.google.com/apis/ No REST API, only SOAP Blogger.com ATOM API http://code.blogger.com/archives/atom-docs.html Blogging API is RESTful HPI, Seminar Advanced Database Technology - WS0506 / 17 Summary REST is A architectural style, no standard The Way the Web works Resource-centric Based on mature standards Lightweight, compared to SOAP It s another philosophy then OOP Currently very few tools to support development (Axis2) But actually no tools necessary resource-centric view versus remote operations R Security advantages over SOAP from network admin point of view HPI, Seminar Advanced Database Technology - WS0506 / 18

References [REST00] Architectural Styles and the Design of Network-based Software Architectures, Roy Thomas Fielding, 2000 http://www.ics.uci.edu/~fielding/pubs/dissertation/top.htm How to create a REST Protocol http://www.xml.com/pub/a/2004/12/01/restful-web.html Show me the Code A RESTful Bookmark Web Service http://www.xml.com/pub/a/2005/03/02/restful.html [XBEL] The XML Bookmark Exchange Language http://pyxml.sourceforge.net/topics/xbel/ REST Wiki http://rest.blueoxen.net/cgi-bin/wiki.pl?frontpage HTTP/1.1 RFC 2616 June 1999 Building Web Services the REST Way http://www.xfront.com/rest-web-services.html RESTful Web Services, John Cowan, 2005 http://mercury.ccil.org/~cowan/restws.pdf REST, Roger L. Costello and Timothy D. Kehoe www.xfront.com/rest-full.ppt REST, RPC, mountains, molehills, and a retraction (sort of), Jeff Bone, 2001 http://www.xent.com/pipermail/fork/2001-august/002801.html HPI, Seminar Advanced Database Technology - WS0506 / 19 RESTful Web Services Q & A Stefan Marr

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information