Rest API
Explain the architectural style for creating web api?
The architectural style for creating web api are -HTTP for client seevee communication -XML/JSON as formatting language -Simple URI as the address for the servers -Stateless communication
What are the HTTP methods supported by REST
GET: it requests a resource at the request URL. It should not contain a request body as it will be discarded. Can be cached locally or on the server POST: it submits info to the service for processing, it should typically return the modified or new resource PUT: Update/Replace DELETE: removes the resource OPTIONS: it indicates which techniques are supported HEAD: about the request URL it returns meta information
What is the purpose of HTTP status code?
HTTP status code are standard codes and refers to predefined status of task done at server.
What do you mean by idempotent operation?
Idempotent operations means their result will always same no matter how many times these operations are invoked.
Explain how JAXB relates to RESTful web API?
JAXB stands for Java API for XML binding. This framework is used to bind XML or JSON to Java objects without the need for creating XML or JSON parsers
Which type of Webservices methods are to be idempotent?
PUT and DELETE operations are idempotent.
What is the difference between PUT and POST
PUT puts a file or resource at a particular URI and exactly at that URI. If there is already a file or resource at that URI, PUT changes that file or resource. If there is no resource or file there, PUT makes one POST sends data to a particular URI and expects the resource at the URI to deal with the request. The web server at this point can decide what to do with the data in the context of that specified resource
What are resources in a REST architecture?
REST architecture treats every content as a resource. These resources can be text files, html pages, images, videos or dynamic business data. REST Server simply provides access to resources and REST client accesses and modifies the resources. Here each resource is identified by URIs/ global IDs.
What are some key characteristics of REST
-REST is stateless, so there is no storage of session data ok the client -with a well applied REST API, the server could be restarted between two calls as every data is passed to the server -web service mostly uses POST method to make operations, whereas REST uses GET to access resources
What is JAX-WS and JAX-RS
Both are libraries (API)s for doing communication in various ways in Java. JAX-WS is a library that can be used to do SOAP communication in JAVA, and JAX-RS lets you do the REST communication in JAVA
What tools/APIs are used for developing and testing web APIs
Testing tools for web services for REST APIs includes: - Spring REST web service using MVC - Jersey API - CFX - Axis - Restlet
What is messaging in RESTful webservices?
A client sends a message in form of a HTTP Request and server responds in form of an HTTP Response. This technique is termed as Messaging. These messages contain message data and metadata ie information about the message itself
What are webservices?
A web service is a collection of open protocols and standards used for exchanging data between applications or systems. Software applications written in various programming languages and running on various platforms can use web services to exchange data over computer networks like the Internet in a manner similar to inter-process communication on a single computer.
What are the core components of an HTTP Request
An HTTP request has 5 major parts: Verb - indicate HTTP methods such as GET, POST, DELETE, PUT, etc URI - Uniform Resource Identifier to identify the resource on server HTTP version - indicate HTTP version Request header - contains metadata for the HTTP Request message as key-value pairs, for example, client (or browser) type, format supported by client, format of message body, cache settings etc Request body - message content or resource representation
What is statelessness in RESTful Webservices?
As per REST architecture, a RESTful web service should not keep a client state on server. This restriction is called statelessness. It is responsibility of the client to pass its context to server and then server can store this context to process client's further request. For example, session maintained by server is identified by session identifier passed by the client.
Which markup language can be used in restful web API?
JSON and XML are the two markup languages that can be used in restful web API
What are REST and RESTful Web Services?
REST represents REpresentstional State Transfer, it is relatively new web api. RESTful is referred for web services written by applying REST architectural concept. It focuses on system resources and how state of resource should be transported over HTTP protocol to a different clients written in different language. In RESTful web service http methods like GET, POST, PUT, and DELETE can be used to perform CRUD operations
Which protocol is used by RESTful webservices
RESTful web services make use of HTTP protocol as a medium of communication between client and server
What are the best practices to be followed while designing a secure RESTful web service
RESTful web services work with HTTP URLs paths so it is very important to safeguard a RESTful web service in the same manner as a website is to be secured. The following are the best practices. Validation - validate all inputs on the server. Protect your server against SQL or NoSQL injection attacks Session based authentication - use session based authentication to authenticate a use whenever a request is made to a web service method No sensitive data in URL - never use username, password, or session token in URL, those values should passed to Web Service via POST method Restriction on Method execution - allow restricted use of method like GET, POST, DELETE, GET method should not be able to delete data. Validate malinformed XML/JSON - check for well formed input passed to a web service method Throw generic error messages - a web service method should use HTTP error message like 403 to show access forbidden etc
What is the difference between RESTful web services and SOAP web services?
Though both RESTful web series and SOAP can operate cross platform they are architecturally different to each other, here is some of differences between REST and SOAP. - REST is more simple and easy to use than SOAP - REST uses HTTP protocol for producing or consuming web services while SOAP uses XML - REST is lightweight as compared to SOAP and preferred choice in mobile devices and PDAs - REST supports different format like text, JSON, and XML while SOAP only support XML - REST web services call can be cached to improve prformance
What are the best practices to create a standard URI for a web service?
Use Plural Noun − Use plural noun to define resources. For example, we've used users to identify users as a resource. Avoid using spaces − Use underscore(_) or hyphen(-) when using a long resource name, for example, use authorized_users instead of authorized%20users. Use lowercase letters − Although URI is case-insensitive, it is good practice to keep url in lower case letters only. Maintain Backward Compatibility − As Web Service is a public service, a URI once made public should always be available. In case, URI gets updated, redirect the older URI to new URI using HTTP Status code, 300. Use HTTP Verb − Always use HTTP Verb like GET, PUT, and DELETE to do the operations on the resource. It is not good to use operations names in URI.
HTTP Status code 400
bad request, states that invalid input is provided ie validation error, missing data
What are the core components of an http response?
http response have 4 major parts = Status/Response code - indicate server status for the requested resource. for example, 404 means resource not found and 200 means response is ok HTTP version - indicate HTTP version Response header - contains metadata for the HTTP Request message as key-value pairs. For example, content length, content type, response date, server type Response Body - response message content or resource representation
HTTP status code 201
means created, when a resource is successful created using POST or PUT request. Return link to newly created resource using location header
HTTP status code 403
means forbidden, states that user is not having access to method being used for example, delete access without admin rights
HTTP status code 500
means internal server error, states that server has thrown some exception while executing the method
HTTP status code 204
means no content when response body is empty for example a delete request
HTTP status code 404
means not found, states that method is not available
HTTP Status code 200
means ok, shows success