REST and Web Services: In Theory and in Practice
There are two competing architectural styles employed for building Web services: RESTful services and services based on the WS– ∗ standards (also known as “SOAP Web services”). These two styles have separate follower bases, but many differences between them are ideological rather than factual. In order to promote the healthy growth of Web services research and practice, it is important to distinguish arguments for implementation practices over abstract concepts represented by these styles, carefully evaluating the respective advantages of RESTful and WS– ∗ Web services. Understanding these distinctions is especially critical for the development of enterprise systems, because in this domain, tool vendors have preferred WS– ∗ services to the neglect of RESTful solutions. This chapter evaluates some of the key questions regarding the real and perceived distinctions between these two styles of Web services. It analyzes how the current tools for building RESTful Web services embody the principles of REST. Finally, it presents select open research questions to further the growth of RESTful Web services.
KeywordsArchitectural Style RESTful Service Open Research Problem Client Code Reliable Messaging
The authors would like to thank Nicholas Chen, Hakan Erdogmus, Jim Webber, and anonymous reviewers for reviewing earlier drafts of this work.
- L. Bass and P. Clementes and R. Kazman. Software Architecture in Practice, 2nd Edition. Addison Wesley, 2002.Google Scholar
- P. Adamczyk, M. Hafiz, and R. Johnson. Non-compliant and Proud: A Case Study of HTTP Compliance, DCS-R-2935. Technical report, University of Illinois, 2007.Google Scholar
- Amazon. Amazon Simple Storage Service API Reference, May 2011. http://docs.amazonwebservices.com/AmazonS3/latest/API/
- Apache HTTP Server v2.2. Authentication, authorization and access control, May 2011. http://httpd.apache.org/docs/2.2/howto/auth.html.
- T. Berners-Lee. Cool URIs don’t change, May 2011. http://www.w3.org/Provider/Style/URI.html.
- T. Berners-Lee, R. Fielding, and H. Frystyk. RFC 1945: Hypertext Transfer Protocol — HTTP/1.0, May 1996.Google Scholar
- J. Correia and M. Cantara. Gartner sheds light on developer opps in web services. Integration Developers News, June 2003.Google Scholar
- Dare Obsanjo Blog. Misunderstanding REST: A look at the Bloglines, del.icio.us and Flickr APIs, May 2011. http://www.25hoursaday.com/weblog/PermaLink.aspx?guid=7a2f3df2-83f7-471b-bbe6-2d8462060263.
- B. M. Duska, D. Marwood, and M. J. Freeley. The measured access characteristics of World-Wide-Web client proxy caches. In USENIX Symposium on Internet Technologies and Systems, USITS, 1997.Google Scholar
- L. Dusseault and J. Snell. RFC 5789: PATCH Method for HTTP, Mar. 2010.Google Scholar
- J. Fan and S. Kambhampati. A Snapshot of Public Web Services. In SIGMOD Record, Vol. 34, No. 1, Mar. 2005.Google Scholar
- R. Fielding. Architectural Styles and the Design of Network-based Software Architectures. Doctoral dissertation. Technical report, University of California, Irvine, 2000.Google Scholar
- R. Fielding, J. Gettys, J. Mogul, H. Frystyk, L. Masinter, P. Leach, and T. Berners-Lee. RFC 2616: Hypertext Transfer Protocol — HTTP/1.1, June 1999.Google Scholar
- B. Fitzpatrick. OpenID, 2005. http://openid.net/.
- J. Franks, P. Hallam-Baker, J. Hostetler, S. Lawrence, P. Leach, A. Luotonen, and L. Stewart. RFC 2617: HTTP Authentication: Basic and Digest Access Authentication, June 1999.Google Scholar
- J. Garrett. Ajax: A New Approach to Web Applications, Feb. 2005. http://adaptivepath.com/ideas/essays/archives/000385.php.
- Y. Goland, E. J. Whitehead, A. Faizi, S. Carter, and D. Jensen. HTTP Extensions for Distributed Authoring WebDAV. Internet proposed standard RFC 2518, Feb. 1999.Google Scholar
- J. Gregorio, R. Fielding, M. Hadley, and M. Nottingham. URI Template (draft), Mar. 2010.Google Scholar
- H. Haas. Reconciling Web services and REST services (Keynote Address). In 3rd IEEE European Conference on Web Services (ECOWS 2005), Nov. 2005.Google Scholar
- M. Hadley, S. Pericas-Geertsen, and P. Sandoz. Exploring Hypermedia Support in Jersey. In WS-REST 2010, Apr. 2010.Google Scholar
- M. Hadley and P. Sandoz. JAX-RS: Java API for RESTful Web Services (version 1.1), Sept. 2009.Google Scholar
- E. Hammer-Lahav. RFC 5849: The OAuth 1.0 Protocol, Apr. 2010.Google Scholar
- I. Hickson. HTML5: A vocabulary and associated APIs for HTML and XHTML, Oct. 2010.Google Scholar
- Joe McKendrick. Service Oriented Blog, May 2011. http://www.zdnet.com/blog/service-oriented/?p0542.
- H. Kilov. From semantic to object-oriented data modeling. In First International Conference on Systems Integration, pages 385–393, 1990.Google Scholar
- S. M. Kim and M. Rosu. A Survey of Public Web Services. In WWW 2004, 2004.Google Scholar
- L. Richardson and S. Ruby. RESTful Web Services. O’Reilly, Oct. 2007.Google Scholar
- M. Nottingham. HTTP Status Report. In QCon, Apr. 2009.Google Scholar
- Meebo Dev Blog. Introducing XAuth, Apr. 2010. http://blog.meebo.com/?p=2391.
- M. Nottingham. Web Linking (draft), May 2010.Google Scholar
- H. Overdick. Towards resource-oriented BPEL. In C. Pautasso and T. Gschwind, editors, WEWST, volume 313. CEUR-WS.org, 2007.Google Scholar
- C. Pautasso, E. Wilde, and A. Marinos. First International Workshop on RESTful Design (WS-REST 2010), Apr. 2010.Google Scholar
- C. Pautasso, O. Zimmermann, and F. Leymann. RESTful Web Services vs. “Big” Web Services: Making the Right Architectural Decision. In WWW ’08: Proceeding of the 17th international conference on World Wide Web, pages 805–814, New York, NY, USA, 2008. ACM.Google Scholar
- P. Prescod. Roots of the REST/SOAP Debate. In Extreme Markup Languages, EML, 2002.Google Scholar
- E. Rescorla. RFC 2818: HTTP over TLS, May 2000.Google Scholar
- RESTWiki, May 2011. http://rest.blueoxen.net/cgi-bin/wiki.pl.
- D. Sholler. 2008 SOA User Survey: Adoption Trends and Characteristics, Sept. 2008.Google Scholar
- W3C Working Group Note. Web Services Architecture, May 2011. http://www.w3.org/TR/2004/NOTE-ws-arch-20040211/.
- Web Service Security (WSS). Web Services Security: SOAP Message Security 1.1, Feb. 2006.Google Scholar