23 / 13 Oct 2014
SOAP (Simple Object Access Protocol) and REST (Representation State Transfer) are popular with developers working on system integration based projects. Software architects will design the application from various perspectives and also decides, based on various reasons, which approach to take to expose new API to third party applications. As a software architect, it is good practice to involve your development team lead during system architecture process.
This article, based on my experience, will discuss when to use SOAP or REST web services to expose your API to third party clients.
Web Services Demystified
Web services are part of the Services Oriented Architecture. Web services are used as the model for process decomposition and assembly. I have been involved in discussion where there were some misconception between web services and web API.
The W3C defines a Web Service generally as:
A software system designed to support interoperable machine-to-machine interaction over a network.
Web API also known as Server-Side Web API is a programmatic interface to a defined request-response message system, typically expressed in JSON or XML, which is exposed via the web – most commonly by means of an HTTP-based web server. (extracted from Wikipedia)
Based on the above definition, one can insinuate when SOAP should be used instead of REST and vice-versa but it is not as simple as it looks. We can agree that Web Services are not the same as Web API. Accessing an image over the web is not calling a web service but retrieving a web resources using is Universal Resource Identifier. HTML has a well-defined standard approach to serving resources to clients and does not require the use of web service in order to fulfill their request.
Why Use REST over SOAP
Developers are passionate people. Let's briefly analyze some of the reasons they mentioned when considering REST over SOAP:
REST is easier than SOAP
I'm not sure what developers refer to when they argue that REST is easier than SOAP. Based on my experience, depending on the requirement, developing REST services can quickly become very complex just as any other SOA projects. What is your service abstracting from the client? What is the level of security required? Is your service a long running asynchronous process? And many other requirements will increase the level of complexity. Testability: apparently it easier to test RESTFul web services than their SOAP counter parts. This is only partially true; for simple REST services, developers only have to point their browser to the service endpoints and a result would be returned in the response. But what happens once you need to add the HTTP headers and passing of tokens, parameters validation… This is still testable but chances are you will require a plugin for your browser in order to test those features. If a plugin is required then the ease of testing is exactly the same as using SOAPUI for testing SOAP based services.
RESTFul Web Services serves JSON that is faster to parse than XML
This so called "benefit" is related to consuming web services in a browser. RESTFul web services can also serve XML and any MIME type that you desire. This article is not focused on discussing JSON vs XML; and I wouldn't write any separate article on the topic. JSON relates to JavaScript and as JS is very closed to the web, as in providing interaction on the web with HTML and CSS, most developers automatically assumes that it also linked to interacting with RESTFul web services. If you didn't know before, I'm sure that you can guess that RESTFul web services are language agnostic.
Regarding the speed in processing the XML markup as opposed to JSON, a performance test conducted by David Lead, Lead Engineer at MarkLogic Inc, find out to be a myth.
REST is built for the Web
Well this is true according to Roy Fielding dissertation; after all he is credited with the creation of REST style architecture. REST, unlike SOAP, uses the underlying technology for transport and communication between clients and servers. The architecture style is optimized for the modern web architecture. The web has outgrown is initial requirements and this can be seen through HTML5 and web sockets standardization. The web has become a platform on its own right, maybe WebOS. Some applications will require server-side state saving such as financial applications to e-commerce.
Caching
When using REST over HTTP, it will utilize the features available in HTTP such as caching, security in terms of TLS and authentication. Architects know that dynamic resources should not be cached. Let's discuss this with an example; we have a RESTFul web service to serve us some stock quotes when provided with a stock ticker. Stock quotes changes per milliseconds, if we make a request for BARC (Barclays Bank), there is a chance that the quote that we have receive a minute ago would be different in two minutes. This shows that we cannot always use the caching features implemented in the protocol. HTTP Caching be useful in client requests of static content but if the caching feature of HTTP is not enough for your requirements, then you should also evaluate SOAP as you will be building your own cache either way not relying on the protocol.
HTTP Verb Binding
HTTP verb binding is supposedly a feature worth discussing when comparing REST vs SOAP. Much of public facing API referred to as RESTFul are more REST-like and do not implement all HTTP verb in the manner they are supposed to. For example; when creating new resources, most developers use POST instead of PUT. Even deleting resources are sent through POST request instead of DELETE.
SOAP also defines a binding to the HTTP protocol. When binding to HTTP, all SOAP requests are sent through POST request.
Security
Security is never mentioned when discussing the benefits of REST over SOAP. Two simples security is provided on the HTTP protocol layer such as basic authentication and communication encryption through TLS. SOAP security is well standardized through WS-SECURITY. HTTP is not secured, as seen in the news all the time, therefore web services relying on the protocol needs to implement their own rigorous security. Security goes beyond simple authentication and confidentiality, and also includes authorization and integrity. When it comes to ease of implementation, I believe that SOAP is that at the forefront.
Conclusion
This was meant to be a short blog post but it seems we got to passionate about the subject.
I accept that there are many other factors to consider when choosing SOAP vs REST but I will over simplify it here. For machine-to-machine communications such as business processing with BPEL, transaction security and integrity, I suggest using SOAP. SOAP binding to HTTP is possible and XML parsing is not noticeably slower than JSON on the browser. For building public facing API, REST is not the undisputed champion. Consider the actual application requirements and evaluate the benefits. People would say that REST protocol agnostic and work on anything that has URI is beside the point. According to its creator, REST was conceived for the evolution of the web. Most so-called RESTFul web services available on the internet are more truly REST-like as they do not follow the principle of the architectural style. One good thing about working with REST is that application do not need a service contract a la SOAP (WSDL). WADL was never standardized and I do not believe that developers would implement it. I remember looking for Twitter WADL to integrate it.
I will leave you to make your own conclusion. There is so much I can write in a blog post. Feel free to leave any comments to keep the discussion going.
I conceive you have noted some very interesting points, regards for the post.
ReplyDeleteสมัครW88
Diapers are not only mean for kids. They are widely used by adults too. There are many cases in which the patients in homes lose control and leak where they are. To prevent this, Buy adult diaper online are available in markets to prevent leakage and other problems for adults.
ReplyDeleteDownload gangstar vegas 4 mod apk (Unlimited money/VIP 10) famous tycoon living in gangster, participating in robbery missions and shootings.
ReplyDeleteI read that Post and got it fine and informative. Please share more like that.
ReplyDeleteOn Demand Service Apps For Android and iOS are highly in demand as through this online platform. Do you want to develop On Demand Doctor App? We are leading doctor app development company that provides best Doctor mobile app development.
As a reputed Lottery Mobile App Development Company , Agnito Technologies is serving a professional team of web and app developers who are highly skilled in making fantastic Lottery Management Software development solutions for their international clients. Their pool of Lottery software providers is always ready to create the top Lottery mobile app development services including the latest features and tools. So if you have a plan to develop your own Online Lottery Platform so connect with our specialist developers to get outstanding lottery software solutions.
ReplyDeleteTo do this otherwise seems to be complete folly. I presume there will be hell to pay for Anti Aging.
ReplyDeleteThat is why you shouldn't use a Skin Rejuvenation like that.
https://www.salubritymd.com/
https://sites.google.com/view/hydroserum-ocean-shake/
In that case, I believe exactly the same. My ADD just kicked in. It is characterless how punks must fully detail an astoundingly complex thesis like this. It wasn't proper. A
ReplyDeletehttps://www.salubritymd.com/
https://sites.google.com/view/hydroserum-ocean-shake/
https://sites.google.com/view/hydroserum-ocean-shake/
ReplyDeletehttps://www.salubritymd.com/hyaluronan-crema/
https://sites.google.com/view/jatinchugh/home
Startups:
ReplyDeleteFunding and Investment: Keep an eye on funding rounds, acquisitions, and partnerships involving startups. Venture capital activity often provides insights into emerging trends.
Sustainability: Many startups are focusing on sustainable and environmentally friendly solutions, reflecting growing global concern about climate change.
HealthTech: Startups in the healthcare sector, particularly those related to telemedicine and digital health, have been gaining significant attention.
Remote Work: Startups offering solutions for remote work, collaboration tools, and workspace management have experienced growth due to the changing work landscape.
Big Data:
Data Privacy and Security: With increasing data breaches and privacy concerns, developments in data protection and security measures are ongoing.
AI and Machine Learning: Big data analytics continue to evolve with AI and machine learning techniques for better data insights.
Edge Computing: Processing data at the edge (closer to the data source) is gaining importance, especially in IoT applications.
Cloud Computing:
Multi-Cloud and Hybrid Cloud: Organizations are adopting multi-cloud and hybrid cloud strategies to enhance flexibility and scalability.
Serverless Computing: Serverless architectures are becoming more popular for developing and deploying cloud applications.
Cloud Security: As more data moves to the cloud, cybersecurity and cloud security solutions are critical.
IoT (Internet of Things):
5G Connectivity: The rollout of 5G networks is expected to accelerate IoT adoption, enabling faster and more reliable connections for IoT devices.
IoT in Industry: IoT is making significant inroads in industries like manufacturing, agriculture, and healthcare for process optimization and automation.
Edge IoT: Edge computing combined with IoT is gaining traction for real-time data processing and decision-making.
Liferay:
Digital Experience Platforms (DXP): Liferay and similar platforms are evolving to provide comprehensive solutions for managing digital experiences, including content management, e-commerce, and personalization.
Open Source Development: Liferay is known for its open-source community and contributions. Keep an eye on developments and new features in the open-source Liferay ecosystem.
Integration and APIs: Integration capabilities and API-first approaches are becoming more important as businesses seek to connect various systems and data sources.
Customer Experience (CX): Liferay and other DXP providers are focusing on improving customer experiences through better UX/UI design and personalization features.
For more details download related videos at https://yt5s.cam/en3/
If you're a football fan interested in live streaming the latest matches, visit streamonsports.org. StreamOnSports.org offers high-quality live streams of football matches, making it the go-to platform for enjoying the action in real time.
ReplyDeleteFinding a trusted tarot reader near me was a challenge, but I’m so grateful I found Arpita Sri! 🙌 She is a lady tarot reader with incredible intuition and a deep understanding of tarot and astrology. I did a Pick a Tarot Card session with her, and it was incredibly accurate. She also offers Yes/No Tarot readings for quick answers and full clairvoyant medium readings for deeper guidance. If you’re searching for the best tarot card reader, visit https://www.arpitasrithefortuneteller.com/ – you won’t be disappointed!
ReplyDeleteYes no tarot
Love astrologer
Best tarot card reader
Relationship astrology
Clairvoyant medium
Trusted Tarot psychic
Best tarot reader near me
Lady tarot reader
Pick a tarot card
Learn Tarot Reading
https://www.arpitasrithefortuneteller.com/