Presentation is loading. Please wait.

Presentation is loading. Please wait.

15 May 2007 IVOA Beijing: Grid & Web Services 21 Matthew J. Graham (Caltech, NVO) T HE US N ATIONAL V IRTUAL O BSERVATORY vs.

Similar presentations


Presentation on theme: "15 May 2007 IVOA Beijing: Grid & Web Services 21 Matthew J. Graham (Caltech, NVO) T HE US N ATIONAL V IRTUAL O BSERVATORY vs."— Presentation transcript:

1 15 May 2007 IVOA Beijing: Grid & Web Services 21 Matthew J. Graham (Caltech, NVO) T HE US N ATIONAL V IRTUAL O BSERVATORY vs

2 15 May 2007 IVOA Beijing: Grid & Web Services 22 What is REST? Representational State Transfer (Fielding 2000) A resource-oriented architectural style for web services based on the WWW architecture: –Each resource has a unique identifier (URI) –Resource representations are exchanged in XML over HTTP –Agents employ the HTTP methods as a standard API to ensure uniform interface semantics REST is about exposing resources through URIs and not services through messaging interfaces REST is possible with SOAP and WSDL 2.0

3 15 May 2007 IVOA Beijing: Grid & Web Services 23 RESTful interfaces HTTP method DescriptionHTTP status codes GETView resource representation200, 301, 400 PUTCreate/Modify client-identified resource 200, 301, 400, 410 POSTCreate/Modify server-identified resource 201, 400 DELETEDelete resource200, 204 GET is safe: it has no side effects and is purely for retrieval GET, PUT, and DELETE are idempotent: the side-effect of N > 0 identical requests is the same as for a single request Atom Publishing Protocol is the canonical REST interface WebDAV is not RESTful: URLs are inherently hierarchical and not opaque properties and locks are not separate resources PROPPATCH, PROPFIND, LOCK and UNLOCK methods manipulate metadata attached to a resource 207 (Multi-Status) response code for bundled operations

4 15 May 2007 IVOA Beijing: Grid & Web Services 24 WS-* (18 months ago) WS-I Basic Profile WS-I Basic Security Profile WS-Manageability WS-Management WS-MetadataExchange WS-Notification WS-Policy WS-PolicyAssertions WS-PolicyAttachment WS-PolicyFramework WS-Polling WS-Provisioning WS-Reliability WS-ReliableMessaging WS-RemotePortals WS-ResourceFramework WS-ResourceLifetime WS-ResourceProperties WS-Routing WS-SecureConversation WS-Security WS-SecurityPolicy WS-Addressing WS-AtomicTransaction WS-Attachments WS-BaseNotification WS-BPEL WS-BrokeredNotification WS-BusinessActivity WS-CAF WS-Choreography WS-CDL WS-Context WS-Coordination WS- CoordinationFramework WS-Discovery WS- DistributedManagement WS-Enumeration WS-Eventing WS-ExperienceLanguage WS-Federation WS-GAF WS-Inspection WSIL WS-Semantics WS-Topic WS-Transaction WS-Transaction Management WS-Transfer WS-Trust ASAP ebXML MTOM SAML SOAP SwA UBL UDDI WSDL XACML XML Encryption XML Signature XKMS + others incl. WS- KitchenSink

5 15 May 2007 IVOA Beijing: Grid & Web Services 25 Description languages - I WSDL: –Complicated –Difficult to describe protocols that use SOAP headers so not straightforward for WS-* –Operation-centric –Web service versioning is difficult (better in WSDL 2.0) –Limited modelling of interaction patterns (no more than two messages within a single exchange) –No choreographic information so cannot specify ordering constraints between operations –WSDL is immutable so no dynamic endpoints

6 15 May 2007 IVOA Beijing: Grid & Web Services 26 Description languages - II WSDL 1.1: –Supports HTTP GET and POST –Cannot use GET with no parameters –Cannot mix multiple HTTP methods on one port WSDL 2.0: –Supports HTTP GET/PUT/POST/DELETE –No support for JSON or binary format (need to write specification for binding rules on how to serialize) –Authentication limited to HTTP Basic and Digest –No support for links: cannot write WSDL for Atom Publishing Protocol WADL: –Backed by Sun (wadl.java.dev.net - wadl2java) –http://code.google.com/p/rest-api-code-gen/ –REST Describe (http://tomayac.de/rest-describe/latest/RestDescribe.html)

7 15 May 2007 IVOA Beijing: Grid & Web Services 27 Sample WADL file

8 15 May 2007 IVOA Beijing: Grid & Web Services 28 Security WS-Security: –provides message level, end-to-end security –really requires WS-SecurityPolicy –interoperable implementations? HTTP Basic: –Base64-encoded username/password HTTP Digest: –MD5 hashes of username, password, authentication realm, etc. SSL/TLS: –provides transport level, point-to-point security Message authentication: –AWS approach using HMAC with SHA-1 hash code HTTPSec for full message level security

9 15 May 2007 IVOA Beijing: Grid & Web Services 29 Addressing + state WS-Addressing: –SOAP lacks a standard way to specify where a message is going, how to return a response or where to report an error –provides SOAP header keywords such as: To, ReplyTo, FaultsTo, Anonymous, and MessageId/RelatesTo. –SAF (Store-and-forward) service is a use case that REST cannot address WSRF: –framework for handling state –separates web service and state information (resource) –a resource has a unique key and message exchanges with the service are used to interact with the resource –basically equivalent to REST


Download ppt "15 May 2007 IVOA Beijing: Grid & Web Services 21 Matthew J. Graham (Caltech, NVO) T HE US N ATIONAL V IRTUAL O BSERVATORY vs."

Similar presentations


Ads by Google