2OutlineSOAP and RESTREST constraints and gainsREST guidelines
3SOAP and REST Simple Object Access Protocol Representational State TransferSOAP and REST
4From RPC to SOAP: RPC Pass remote procedure name and arguments Expect a return valueProcedure signature is implicitIf you change the signature, people have no way to know why it’s not working anymoreIt’s about (function) namesWhereas REST is about standard verbs like GET, POST, etc.
5From RPC to SOAP: SOAP 1998: Simple Object Access Protocol 2000: Web Service Description Language (WSDL) uses SOAP as underlying protocol, cf SOA slidesSOAP = XML RPC done “right”Long/verbose structured XML messagesVerbosity != metadata
7Metadata vs verbosityThere are two kinds of pain. The sort of pain that makes you strong, or useless pain that is only suffering.
8Metadata vs verbosity Pay attention to the fine print metadata. It’s far more important than the selling price data itself.
9Amazon uses both REST and SOAP Amazon has both SOAP and REST interfaces to their web services, and 85% of their usage is of the REST interface (2003)
10REST and SOAP They happened concurrently SOAP = envelope, REST = postcardSOAP derived from RPCREST is not a move against SOAPREST is very complexBut it looks simpler than SOAP
11REST History Hypertext Internet 1992: WWW = Internet + hypertext 1945 memex (Vannevar Bush)1967 hypertext (Project Xanadu)Internet1969 ARPANET (army)1992: WWW = Internet + hypertext2000: REST = reverse-engineer/document the WWW architectural styleHTTP is not mandatory for REST, but it helps
12SOAP vs RESTSOAP is verbose: large overhead of metadata and boilerplate textSOAPREST<?xml version="1.0"?><soap:Envelope xmlns:soap="http://www.w3.org/2001/12/soap-envelope" soap:encodingStyle="http://www.w3.org/2001/12/soap-encoding"><soap:body pb="http://www.acme.com/phonebook"><pb:GetUserDetails><pb:UserID>12345</pb:UserID></pb:GetUserDetails></soap:Body></soap:Envelope>GET
13Solutions to SOAP’s verbosity MTOM: Message Transmission Optimization MechanismEncode/compress XML into binaryXOP: XML-binary Optimized PackagingTo encode/decode MTOMTLDR: Binary-encoded XML over HTTPBut HTTP = hypertext transfer protocol
211 Client-serverCf week 2Separation of concerns: client display vs server logicDisplay is client-side: clients can have different UIsEach website has a serverSame client (browser) can access multiple servers
222 Stateless interactions AKA context-free interactionsStateless interaction does not mean “no data in the server”The server does not store any client-specific information between two requestsState is client-side or in a database
23Stateful example: SMTP tagus: crista$ telnet smtp.ics.uci.edu 25TryingConnected to smtp.ics.uci.edu.Escape character is '^]'.220 david-tennant-v0.ics.uci.edu ESMTP mailer ready at Mon, 5 Apr :15: 'HELO smtp.ics.uci.edu250 david-tennant-v0.ics.uci.edu Hello barbara-wright.ics.uci.edu [ ], pleased to meet youMAILSender okRCPTRecipient okDATA354 Enter mail, end with "." on a line by itselftest.o360F1Mo Message accepted for deliveryQUITdavid-tennant-v0.ics.uci.edu closing connectionConnection closed by foreign host.
24Gains from statelessness Immune to server restart/migrationServer restart = lose all dataBut stateless = no data to lose!No server affinityClient requests can be processed by ANY server, not just one particular serverScalabilityServer never knows if/when client sends its next requestSo stateful servers timeout the sessions of clients with long inter-request timesStateless servers don’t have any memory management issues
25Losses from statelessness Client is less efficientServer needs to pull data for every requestPulling data is straightforward when this data is a static web page (most of the WWW in the 90s)How do you authenticate users?Cookies (not good?)External auth and directory services
263 Caching Optional Store data locally so I don’t have to retrieve it In clients, in servers, or in intermediaries (cf layered constraint)Reduces latencyImproves efficiency and scalabilityBut degrades reliability (stale data)
274 Layered Intermediaries between client and server Proxies, such as nginxCachesContent Delivery Network, such as AkamaiWeb accelerator, such as CloudFlarePros: ability to balance load (improves scalability), can reduce latency (when cache hits)Cons: can add latency (when cache misses)
28Do you know what I like about people intermediaries Do you know what I like about people intermediaries? They stack so neatly.
32Content Delivery Network: Akamai Akamai pays ISPs to host their servers within a few hops of many clientsMany clients = urban areasI pay Akamai to deliver my contentNow, when a client requests my content:Client ISPAkamai server delivers my content!
Pros: thinner clients, improves extensibility. Cons: reduces visibility.",
34I won't be a slave to anybody or anything you can order with a toll free number any static code.
356 Uniform interface The hardest constraint to get right Uniform identification of resourcesManipulation of resources via representationsHypermedia as the engine of app state (HATEOAS)
36REST Data Elements Uniform Interfaces (The following slides are from Crista Lopes)
37Resources and their identifiers Uniform InterfacesResources and their identifiersResource = Abstraction of information, any information that can be namedA document, a temporal service (“today’s weather”), collection of other resourcesSome are static, some are dynamicIdentifiers: Universal Resource Identifiers (URIs)
38Uniform InterfacesRepresentationsServer returns representations of resources, not the resources themselves.E.g. HTML, XMLServer response contains all metadata for client to interpret the representation
39HATEOAS Hypermedia As The Engine Of Application State Uniform InterfacesHATEOASHypermedia As The Engine Of Application StateIdea: the application is a state machineLoggedOutCreateAccountLoggedInUserChangeAdminSearchUsers…Question is:Where is the clients’ state stored?
40HATEOAS Non-REST REST Clients’ state kept on the server Server is both state machine and holder of stateRESTState machine on the serverAt any step, client is sent a complete “picture” of where it can go next, ie its state and transitionsLoggedOutLoggedInUserChangeAccount
41HATEOASServer sends representation of the client’s state back to the clientHence, REpresentional State TransferServer does not “hold on” to client’s statePossible next state transitions of the client are encoded in HypermediaAnchors, forms, scripted actions, …LoggedOutLoggedInUserChangeAccount
43HTTP Operations GET PUT DELETE HEAD OPTIONS TRACE POST CONNECT Idempotent methods: the side effects of many invocations are exactly the same as the side effects of one invocationPS: remember main and subroutines?
45RESTful Design Guidelines Embrace hypermediaName your resources/features with URIsDesign your namespace carefullyHide mechanismsBad:Good:Serve POST, GET, PUT, DELETE on those resourcesNearly equivalent to CRUD (Create, Retrieve, Update, Delete)Don’t hold on to stateServe and forget (functional programming-y)Consider serving multiple representationsHTML, XML, JSON
46RESTful Design Guidelines URIs are nounsThe 8 HTTP operations are verbsVery different from CGI-inspired web programming:Many/most web frameworks promote URIs as verbs and query data as nouns – old CGI model.https://eee.uci.edu/toolbox/dropbox/index.php?op=createdropboxform.rand=9anflcttvlh7n#_pg=showFolder&fid=Inbox&order=down&tt=237&pSize=100&.rand= &.jsrand=
47Choosing money CGI over power REST is a mistake almost everyone makes. They just don’t know …
49REST vs Linked Data Linked data REST A data model Proposed by Berners-LeeRESTAn interaction modelProposed by Fielding
50Taylor’s REST principles Any information is a resource, named by an URL. (uniform interface)Resource representation is accompanied by metadata about the representation. (uniform interface, code on demand)Interactions are context-free. (stateless)Small set of methods. Each method can be applied to any resource. The result of a method is a representation.Idempotent operations help caching. (cache)Intermediaries use metadata from requests or responses to filter, redirect, or modify representations. This is transparent to client and server. (layered, cache)
51For you to read/watch http://www.infoq.com/articles/rest-introduction https://groups.yahoo.com/neo/groups/rest-discuss/conversations/topics/5841https://www.youtube.com/watch?v=e2PyeXRwhCEhttps://www.cloudflare.com/overview