2 OutlineSOAP and RESTREST constraints and gainsREST guidelines
3 SOAP and REST Simple Object Access Protocol Representational State TransferSOAP and REST
4 From RPC to SOAP: RPC Pass remote procedure name and arguments Expect a return valueProcedure signature is implicitIf you change the signature, people have no way to know why it’s not working anymoreIt’s about (function) namesWhereas REST is about standard verbs like GET, POST, etc.
5 From RPC to SOAP: SOAP 1998: Simple Object Access Protocol 2000: Web Service Description Language (WSDL) uses SOAP as underlying protocol, cf SOA slidesSOAP = XML RPC done “right”Long/verbose structured XML messagesVerbosity != metadata
7 Metadata vs verbosityThere are two kinds of pain. The sort of pain that makes you strong, or useless pain that is only suffering.
8 Metadata vs verbosity Pay attention to the fine print metadata. It’s far more important than the selling price data itself.
9 Amazon uses both REST and SOAP Amazon has both SOAP and REST interfaces to their web services, and 85% of their usage is of the REST interface (2003)
10 REST and SOAP They happened concurrently SOAP = envelope, REST = postcardSOAP derived from RPCREST is not a move against SOAPREST is very complexBut it looks simpler than SOAP
11 REST History Hypertext Internet 1992: WWW = Internet + hypertext 1945 memex (Vannevar Bush)1967 hypertext (Project Xanadu)Internet1969 ARPANET (army)1992: WWW = Internet + hypertext2000: REST = reverse-engineer/document the WWW architectural styleHTTP is not mandatory for REST, but it helps
12 SOAP vs RESTSOAP is verbose: large overhead of metadata and boilerplate textSOAPREST<?xml version="1.0"?><soap:Envelope xmlns:soap="http://www.w3.org/2001/12/soap-envelope" soap:encodingStyle="http://www.w3.org/2001/12/soap-encoding"><soap:body pb="http://www.acme.com/phonebook"><pb:GetUserDetails><pb:UserID>12345</pb:UserID></pb:GetUserDetails></soap:Body></soap:Envelope>GET
13 Solutions to SOAP’s verbosity MTOM: Message Transmission Optimization MechanismEncode/compress XML into binaryXOP: XML-binary Optimized PackagingTo encode/decode MTOMTLDR: Binary-encoded XML over HTTPBut HTTP = hypertext transfer protocol
21 1 Client-serverCf week 2Separation of concerns: client display vs server logicDisplay is client-side: clients can have different UIsEach website has a serverSame client (browser) can access multiple servers
22 2 Stateless interactions AKA context-free interactionsStateless interaction does not mean “no data in the server”The server does not store any client-specific information between two requestsState is client-side or in a database
23 Stateful example: SMTP tagus: crista$ telnet smtp.ics.uci.edu 25TryingConnected to smtp.ics.uci.edu.Escape character is '^]'.220 david-tennant-v0.ics.uci.edu ESMTP mailer ready at Mon, 5 Apr :15: 'HELO smtp.ics.uci.edu250 david-tennant-v0.ics.uci.edu Hello barbara-wright.ics.uci.edu [ ], pleased to meet youMAILSender okRCPTRecipient okDATA354 Enter mail, end with "." on a line by itselftest.o360F1Mo Message accepted for deliveryQUITdavid-tennant-v0.ics.uci.edu closing connectionConnection closed by foreign host.
24 Gains from statelessness Immune to server restart/migrationServer restart = lose all dataBut stateless = no data to lose!No server affinityClient requests can be processed by ANY server, not just one particular serverScalabilityServer never knows if/when client sends its next requestSo stateful servers timeout the sessions of clients with long inter-request timesStateless servers don’t have any memory management issues
25 Losses from statelessness Client is less efficientServer needs to pull data for every requestPulling data is straightforward when this data is a static web page (most of the WWW in the 90s)How do you authenticate users?Cookies (not good?)External auth and directory services
26 3 Caching Optional Store data locally so I don’t have to retrieve it In clients, in servers, or in intermediaries (cf layered constraint)Reduces latencyImproves efficiency and scalabilityBut degrades reliability (stale data)
27 4 Layered Intermediaries between client and server Proxies, such as nginxCachesContent Delivery Network, such as AkamaiWeb accelerator, such as CloudFlarePros: ability to balance load (improves scalability), can reduce latency (when cache hits)Cons: can add latency (when cache misses)
28 Do you know what I like about people intermediaries Do you know what I like about people intermediaries? They stack so neatly.
32 Content Delivery Network: Akamai Akamai pays ISPs to host their servers within a few hops of many clientsMany clients = urban areasI pay Akamai to deliver my contentNow, when a client requests my content:Client ISPAkamai server delivers my content!
Pros: thinner clients, improves extensibility. Cons: reduces visibility.",
34 I won't be a slave to anybody or anything you can order with a toll free number any static code.
35 6 Uniform interface The hardest constraint to get right Uniform identification of resourcesManipulation of resources via representationsHypermedia as the engine of app state (HATEOAS)
36 REST Data Elements Uniform Interfaces (The following slides are from Crista Lopes)
37 Resources and their identifiers Uniform InterfacesResources and their identifiersResource = Abstraction of information, any information that can be namedA document, a temporal service (“today’s weather”), collection of other resourcesSome are static, some are dynamicIdentifiers: Universal Resource Identifiers (URIs)
38 Uniform InterfacesRepresentationsServer returns representations of resources, not the resources themselves.E.g. HTML, XMLServer response contains all metadata for client to interpret the representation
39 HATEOAS Hypermedia As The Engine Of Application State Uniform InterfacesHATEOASHypermedia As The Engine Of Application StateIdea: the application is a state machineLoggedOutCreateAccountLoggedInUserChangeAdminSearchUsers…Question is:Where is the clients’ state stored?
40 HATEOAS Non-REST REST Clients’ state kept on the server Server is both state machine and holder of stateRESTState machine on the serverAt any step, client is sent a complete “picture” of where it can go next, ie its state and transitionsLoggedOutLoggedInUserChangeAccount
41 HATEOASServer sends representation of the client’s state back to the clientHence, REpresentional State TransferServer does not “hold on” to client’s statePossible next state transitions of the client are encoded in HypermediaAnchors, forms, scripted actions, …LoggedOutLoggedInUserChangeAccount
43 HTTP Operations GET PUT DELETE HEAD OPTIONS TRACE POST CONNECT Idempotent methods: the side effects of many invocations are exactly the same as the side effects of one invocationPS: remember main and subroutines?
45 RESTful Design Guidelines Embrace hypermediaName your resources/features with URIsDesign your namespace carefullyHide mechanismsBad:Good:Serve POST, GET, PUT, DELETE on those resourcesNearly equivalent to CRUD (Create, Retrieve, Update, Delete)Don’t hold on to stateServe and forget (functional programming-y)Consider serving multiple representationsHTML, XML, JSON
46 RESTful Design Guidelines URIs are nounsThe 8 HTTP operations are verbsVery different from CGI-inspired web programming:Many/most web frameworks promote URIs as verbs and query data as nouns – old CGI model.https://eee.uci.edu/toolbox/dropbox/index.php?op=createdropboxform.rand=9anflcttvlh7n#_pg=showFolder&fid=Inbox&order=down&tt=237&pSize=100&.rand= &.jsrand=
47 Choosing money CGI over power REST is a mistake almost everyone makes. They just don’t know …
49 REST vs Linked Data Linked data REST A data model Proposed by Berners-LeeRESTAn interaction modelProposed by Fielding
50 Taylor’s REST principles Any information is a resource, named by an URL. (uniform interface)Resource representation is accompanied by metadata about the representation. (uniform interface, code on demand)Interactions are context-free. (stateless)Small set of methods. Each method can be applied to any resource. The result of a method is a representation.Idempotent operations help caching. (cache)Intermediaries use metadata from requests or responses to filter, redirect, or modify representations. This is transparent to client and server. (layered, cache)
51 For you to read/watch http://www.infoq.com/articles/rest-introduction https://groups.yahoo.com/neo/groups/rest-discuss/conversations/topics/5841https://www.youtube.com/watch?v=e2PyeXRwhCEhttps://www.cloudflare.com/overview