REST
What is the purpose of HTTP Status Codes?
HTTP Status code are standard codes and refers to predefined status of task done at server. Example, HTTP Status 404 states that requested resource is not present on server.
What are the HTTP methods supported by REST?
HTTP methods supported by REST are: •GET: It requests a resource at the request URL. It should not contain a request body as it will be discarded. May be it can be cached locally or on the server. •POST: It submits information to the service for processing; it should typically return the modified or new resource •PUT: At the request URL it update the resource •DELETE: At the request URL it removes the resource •OPTIONS: It indicates which techniques are supported •HEAD: About the request URL it returns meta information
Cache-able
Information sent is safe to cache ex: we make a get request to server. the likely hood that information from database will change should be nill. ex: stock market info is not safe to cache b/c if you are looking at cache info you will be behind
What does the HTTP Status Code 200 state?
It means, OK. It shows success.
What does the HTTP Status Code 204 mean?
It means, no CONTENT. Example: a DELETE request happens and the response body is empty, a 204 code will return.
What are the best practices to be followed while designing a secure RESTful web service?
"As RESTful web services work with HTTP URLs Paths so it is very important to safeguard a RESTful web service in the same manner as a website is be secured. Following are the best practices to be followed while designing a RESTful web service − Validation − Validate all inputs on the server. Protect your server against SQL or NoSQL injection attacks. Session based authentication − Use session based authentication to authenticate a user whenever a request is made to a Web Service method. No sensitive data in URL − Never use username, password or session token in URL , these values should be passed to Web Service via POST method. Restriction on Method execution − Allow restricted use of methods like GET, POST, DELETE. GET method should not be able to delete data. Validate Malformed XML/JSON − Check for well formed input passed to a web service method. Throw generic Error Messages − A web service method should use HTTP error messages like 403 to show access forbidden etc."
Uniform interface
REST APIs have a lot of similarities ex: /api/users/3. anyone who uses rest will understand this endpoint
Which protocol is used by RESTful webservices?
RESTful web services make use of HTTP protocol as a medium of communication between client and server.
explain the status codes and how they are used
1xx infomational response 2xx: Success 3xx: redirection 4xx client errors 5xx server errors 100 Continue 200 OK 300 choices: resource has options client can choose from 400 Bad Request: server refuses to process request 500 Internal Server Error: when unexpected condition occurs 102: Processing: server has received and is processing the request, but no response is available 202: request has been ready to processes but it hasnt completed 302: Found: bad practice 402 Payment required: reserved for future use 502 Bad Gateway: server was acting as a gateway and received an invalid response from upstream server
what is REST
A RESTful web service is based on representational state transfer technology, an architectural style and approach to communications often used in web services development.
What is statelessness in RESTful Webservices?
As per REST architecture, a RESTful web service should not keep a client state on server. This restriction is called statelessness. It is responsibility of the client to pass its context to server and then server can store this context to process client's further request. For example, session maintained by server is identified by session identifier passed by the client.
Layered
Assumption Assume you don't directly talk with server this means that at each stop of the way is another place you can have info cached rest services seem fast b/c it relies on caching. info is cached on your machine and on every router stop along the way to the server
What is JAX-WS and JAX-RS?
Both JAX-WS and JAX-RS are libraries (APIs) for doing communication in various ways in Java. JAX-WS is a library that can be used to do SOAP communication in JAVA. JAX-RS lets you do the REST communication in JAVA.
Define Idempotence?
Clients should be able to make the call multiple times and produce the same result. GET and PUT are idempotent. It can be made multiple times and get the same result. POST is not idempotent. Repeated POST calls to users will create multiple users.
What are REST and RESTful Web Services?
REpresentational State Transfer In RESTFUL web service http methods like GET, POST, PUT and DELETE can be used to perform CRUD operations.
what is required to be a fully RESTful web service
Richardson Maturity Model Level 0: Make Http calls Level 1: URI - Specific endpoints for each resource Level 2: Http proper use of verbs Level 3: HATEOAS Hyper media As The Engine Of Application state. The site provides hypermedia links with each response
Code on Demand
Sending executable code across the net
what are the advantages of REST
Separation between client and server. Visibility, reliability and scalability. the rest api is always independent of the type of platform or language.
Mention some key characteristics of REST
Some key characteristics of REST include: •REST is stateless, so there is no storage of session data on the client. •With a well applied REST API, the server could be restarted between two calls as every data is passed to the server •REST uses GET to access resources
what is REST Statelessness
Statelessness: is when the server does not store any state about the client session on the server. ?Each request from the client contains all the info to understand the request. Session state is kept on the client side.
List out the tools or API for developing or testing web API
Testing tools for web services for REST APIs include: •Spring REST web service using MVC •Jersey API •CXF •Axis •Restlet
What Protocols does REST support
only html
What is an advantage of REST
platform independent lightweight approach good performance Simple http is used to make calls between machines.
produce and consume
prepared for net traffic produce: content - jsp, html. server consume: calling endpoint. client. can be another application
statelessness
server is unaware of client state client is unaware of server state ex: the client shouldn't / doesn't need to know is server goes down for a second
Are REST & SOAP Stateless
since rest only uses HTTP, it is stateless. since soap can use other transport protocols, it can contain state
What is messaging in RESTful webservices?
A client sends a message in the form of a HTTP Request and the server responds in the form of a HTTP Response. This technique is termed as Messaging. These messages contain message data and metadata i.e. information about message itself.
Richardson Maturity Model
A pyramid graph of different levels of RESTfulness Level 0: a server that hands out information. delivers json, html, http, etc Level 1: Resources. organzie endpoints to deliver resources. ex: an endpoint that delivers a method to call a delete function. ex: (Resource + metadata = Representation) transferring representation from endpoint Level 2: Http Verbs thinking of server as handling specific requests with specific http verbs proper organization of endpoints with http verbs use verbs the way they were meant to be Level 3: Hypermedia Control HATEOAS (Hypertext As The Engine Of Application State) The point of hypermedia controls is that they tell us what we can do next, and the URI of the resource we need to manipulate to do it.
What does the HTTP Status Code 400 mean?
It means, BAD REQUEST It states that invalid input is provided. Example: validation error, missing data.
What does the HTTP Status Code 201 mean?
It means, CREATED. When a resource is successfully created using POST or PUT request, it returns a link to the newly created resource using the location header.
What does the HTTP Status Code 403 mean?
It means, FORBIDDEN. It states that a user does not have access to a method being used. Example: delete access without admin rights.
What does the HTTP Status Code 500 mean?
It means, INTERNAL SERVER ERROR. It states that server has thrown some exception while executing the method.
What does the HTTP Status Code 404 mean?
It means, NOT FOUND. It states that the method is not available.
Explain how JAXB is related to RESTful web api?
JAXB stands for Java API for Xml Binding. This framework is used to bind XML or JSON to Java objects without the need for creating XML or JSON parsers.
Which markup language can be used in restful web api?
JSON and XML are the two markup languages that can be used in Restful web api
what are the disadvantages of using REST
Latency in request processing times. Bandwidth usage.
What is the difference between PUT and POST?
PUT: puts a file or resource at a particular URI and exactly at that URI. If there is already a file or resource at that URI, PUT changes that file or resource. If there is no resource or file there, PUT makes one POST: sends data to a particular URI and expects the resource at that URI to deal with the request. The web server at this point can decide what to do with the data in the context of specified resource.
Explain REST
Representational State Transfer A concept around architectural constraints, specifically on server, client relationships Principles of REST: 1 - Separation of client server concerns 2 - statelessness 3 - cache-able 4 - Layered 5 - Code on Demand (optional) 6 - Uniform interface
what is REST
Representational State Transfer. An architecture, not a design pattern. REST is a method of allowing communication between a web based client and server that employs representational state transfer constraints to create desirable properties.
What are resources in a REST architecture?
Resources are identified by logical URLs; it is the key element of a RESTful design. Unlike, SOAP web services in REST, you view the product data as a resource and this resource should contain all the required information.
What are the core components of a HTTP response?
Status/Response Code: Indicate Server status for the requested resource. HTTP Version: Indicate HTTP version. Response Header: Contains metadata for the HTTP Response Response Body: Response message content or Resource representation.
Explain the architectural style for creating web api?
The architectural style for creating web api are •HTTP for client server communication •XML/JSON as formatting language •Simple URI as the address for the services •Stateless communication
Separation of concerns
The principle behind the client-server constraints is the separation of concerns. Separating the user interface concerns from the data storage concerns improves the portability of the user interface across multiple platforms.
What are some differences between RESTful web services and SOAP web services ?
Though both RESTful web series and SOAP web service can operate cross platform they are architecturally different to each other, here is some of differences between REST and SOAP: REST is more simple and easy to use than SOAP REST uses HTTP protocol for producing or consuming web services while SOAP uses XML. REST is lightweight as compared to SOAP and preferred choice in mobile devices and PDA's. REST supports different format like text, JSON and XML while SOAP only support XML. REST web services call can be cached to improve performance.
What is a URI?
URI stands for Uniform Resource Identifier. Each resource in REST architecture is identified by its URI. The purpose of an URI is to locate a resource on the server hosting the web service. URI format example: <protocol>://<service-name>/<ResourceType>/<ResourceID>
In what situations would you propose using SOAP or REST?
Use SOAP for any situations requiring xml message encryption, reliable messaging in environments with erratic connectivity, or atomic transactions because these functions are built-in. Use REST whenever you need simple data manipulation of a resource such as that provided by the http verbs GET, PUT, POST, and DELETE
What are the core components of a HTTP Request?
Verb: Indicate HTTP methods such as GET, POST, DELETE, PUT. URI: Uniform Resource Identifier (URI) to identify the resource HTTP Version: Indicate HTTP version. Request Header: Contains metadata for the HTTP Request message Request Body: Message content or Resource representation.
How do you handle exceptions in REST
You should send HTTP error codes. @ExceptionHandler
What are some differences between SOAP and REST
soap is web service communication protocol. rest is a architectural style soap has been around longer soap exposes components of application logic as services rather than data rest operates through a solitary interface to access named resources rest created a way to access web services easier using http benefits of rest rest allows more data formats. soap only allows xml rest is easier to work with rest offers superior performance through caching info rest is used by yahoo, ebay, amazon, google rest is generaly faster and uses less bandwidth benefits of soap soap offers robust security- soap supports ws-security soap offers built in retry logic to compensate for failed communications. rest doesn't have a built in messaging system. there are no standard set of rules for rest