What is REST?

REST is a design pattern. It is a certain approach for creating Web Services. To understand the REST design pattern, let's look at an example

Web-Based Reservation Service

Suppose now the airline (kings-air.com) wants to provide a Web reservation service for customers to make flight reservations through the Web. The airline wants to ensure that its premier members get immediate service, its frequent flyer members get expedited service, all others get regular service. There are two main approaches to implementing the Web reservation service.

Approach 1 One-Stop Shopping

The airline provides a single URL. The Web service is responsible for examining incoming client requests to determine their priority and process them accordingly.

client Premier Members Web Reservation Service

Determine Priority
Premier Customer F.F. Customer Regular Customer

client
Frequent Flyer Members client Regular Members

Approach 1 Disadvantages
There is currently no industry accepted practice (rules) for expressing priorities, so rules would need to be made. The clients must learn the rule, and the Web service application must be written to understand the rule.

This approach is based upon the incorrect assumption that a URL is "expensive" .

Web Design, Axiom 0

(Tim Berners-Lee, director of W3C)

Axiom 0: all resources on the Web must be uniquely identified with a URI.
URL1

resource1

URL2

resource2

URL3

resource3

Approach 2: URLs are Cheap! Use Them!

The airline provides several URLs - one URL for premier members, a different URL for frequent flyers, and still another for regular customers.
http://www.kings-air/reservations/premier

client Premier Members

Premier Member Reservation Service

http://www.kings-air/reservations/frequent-flyer

client Frequent Flyer Members

http://www.kings-air/reservations/regular

Frequent Flyer Reservation Service

Regular Member Reservation Service

client Regular Members

Approach 2 Advantages
The different URLs are discoverable by search engines and UDDI registries. It's easy to understand what each service does simply by examining the URL, i.e., it exploits the Principle of Least Surprise. There is no need to introduce rules. Priorities are elevated to the level of a URL. "What you see is what you get." It's easy to implement high priority - simply assign a fast machine at the premier member URL. There is no bottleneck. There is no central point of failure.

This ain't the REST Design Pattern

client

Premier Members
Reservation Web
Determine Priority

Premier Customer F.F. Customer Regular Customer

client Frequent Flyer Members

Service

client
Regular Members

This is the REST Design Pattern

http://www.kings-air/reservations/premier

client Premier Members

Premier Member Reservation Service

http://www.kings-air/reservations/frequent-flyer

client

Frequent Flyer Members

http://www.kings-air/reservations/regular

Frequent Flyer Reservation Service Regular Member Reservation Service

client Regular Members

Two Fundamental Aspects of the REST Design Pattern

Resources
Every distinguishable entity is a resource. A resource may be a Web site, an HTML page, an XML document, a Web service, a physical device, etc.

URLs Identify Resources

Every resource is uniquely identified by a URL. This is Tim Berners-Lee Web Design, Axiom 0.

REST Fundamentals
The data that a Web service returns should link to other data. Thus, design your data as a network of information. Create a resource for every service. Identify each resource using a URL

Why is it called "Representational State Transfer? "

Client
http://www.boeing.com/aircraft/747
Fuel requirements Maintenance schedule ...

Resource

Boeing747.html

The Client references a Web resource using a URL. A representation of the resource is returned (in this case as an HTML document). The representation (e.g., Boeing747.html) places the client in a new state. When the client selects a hyperlink in Boeing747.html, it accesses another resource. The new representation places the client application into yet another state. Thus, the client application transfers state with each resource representation.

Representational State Transfer

"Representational State Transfer is intended to evoke an image of how a well-designed Web application behaves: a network of web pages (a virtual state-machine), where the user progresses through an application by selecting links (state transitions), resulting in the next page (representing the next state of the application) being transferred to the user and rendered for their use."

REST - Not a Standard

REST is not a standard
You will not see the W3C putting out a REST specification. You will not see IBM or Microsoft or Sun selling a REST developer's toolkit.

REST is just a design pattern

You can only understand it and design your Web services to it.

REST does prescribe the use of standards:

HTTP URL XML/HTML/GIF/JPEG/etc. (Resource Representations) text/xml, text/html, image/gif, image/jpeg, etc. (Resource Types, MIME Types)

Learn by Example
The REST design pattern is best explained with an example. Example :A company deploying three Web services using the REST design pattern.

Parts Depot Web Services

Parts Depot, Inc has deployed some web services to enable its customers to:
get a list of parts get detailed information about a particular part submit a Purchase Order (PO)

The REST way of Designing the Web Services

HTTP GET request
Response (HTML/XML doc)

URL 1
HTTP response

Parts List

HTTP GET request

Response (HTML/XML doc)

URL 2 HTTP response

Web Server

Part Data

HTTP POST

PO (HTML/XML)

URL 3
PO HTTP response

URL to submitted PO

Web Service for Clients to Retrieve a List of Parts

Service: Get a list of parts
The web service makes available a URL to a parts list resource. A client uses this URL to get the parts list:
http://www.parts-depot.com/parts Note that how the web service generates the parts list is completely transparent to the client. This is loose coupling.

Data Returned - Parts List

<?xml version="1.0"?> <Parts> <Part id="00345" href="http://www.parts-depot.com/parts/00345"/> <Part id="00346" href="http://www.parts-depot.com/parts/00346"/> <Part id="00347" href="http://www.parts-depot.com/parts/00347"/> <Part id="00348" href="http://www.parts-depot.com/parts/00348"/> </Parts>

Note that the parts list has links to get detailed info about each part. This is a key feature of the REST design pattern. The client transfers from one state to the next by examining and choosing from among the alternative URLs in the response document.

Web Service for Clients to Retrieve a Particular Part

Service: Get detailed information about a particular part
The web service makes available a URL to each part resource. For example, here's how a client requests a specific part:
http://www.parts-depot.com/parts/00345

Data Returned - Part 00345

<?xml version="1.0"?> <Part> <Part-ID>00345</Part-ID> <Name>Widget-A</Name> <Description>This part is used within the frap assembly</Description> <Specification href="http://www.parts-depot.com/parts/00345/specification"/> <UnitCost currency="USD">0.10</UnitCost> <Quantity>10</Quantity> </Part>

Again observe how this data is linked to still more data - the specification for this part may be found by traversing the hyperlink. Each response document allows the client to drill down to get more detailed information.

SOAP Version
We have taken a look at how Parts Depot may implement its services in a RESTful manner. Now let's look at how the services may be implemented using SOAP.

Implementing the Web Services using SOAP

SOAP envelope
Request (XML doc)

HTTP POST

URL 1 getPartsList()
HTTP Response

Response (XML doc)

URL 1
HTTP Response

Web Server

Request (XML doc)

HTTP POST

Response (XML doc)

SOAP Server

getPart(id)

PO (XML doc)

HTTP POST

URL 1 submit(PO)
HTTP Response

Response (XML doc)

Note the use of the same URL (URL 1) for all transactions. The SOAP Server parses the SOAP message to determine which method to invoke. All SOAP messages are sent using an HTTP POST.

Note about the SOAP URI

It is not a SOAP requirement all messages be funneled to the same URL:

HTTP POST

getPartsList()

HTTP POST

URL 1

SOAP Server

getPart(id)

submit(PO)
HTTP POST

However, it is common among SOAP vendors to follow this practice. For example, here is the URL for all requests when using Apache SOAP: [host]/soap/servlet/messagerouter

Implementing the Web Service using SOAP

Service: Get a list of parts
The client creates a SOAP document that specifies the procedure desired.
<?xml version="1.0"?> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body>
<p:getPartsList xmlns:p="http://www.parts-depot.com"/>

</soap:Body> </soap:Envelope>

Then the client will HTTP POST this document to the SOAP server at: http://www.parts-depot.com/soap/servlet/messagerouter The SOAP server takes a quick peek into this document to determine what procedure to invoke.

Data Returned - Parts List

<?xml version="1.0"?> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body>

<p:getPartsListResponse xmlns:p="http://www.parts-depot.com"> <Parts> <Part-ID>00345<Part-ID> <Part-ID>00346<Part-ID> <Part-ID>00347<Part-ID> <Part-ID>00348<Part-ID> </Parts> <p:getPartsListResponse>

</soap:Body> </soap:Envelope>

Note the absence of links. Why is this? A URL that points to a SOAP service is meaningless since the URL to a SOAP service is just to the SOAP server. Thus, the URL would need to be supplemented with some indication of which method to invoke at that URL. [Note: of course this response could contain a URL to a REST-ful service.]

Implementing the Web Service using SOAP

Service: Get detailed information about a particular part
The client creates a SOAP document that specifies the procedure desired, along with the part-id parameter.
<?xml version="1.0"?> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <p:getPart xmlns:p="http://www.parts-depot.com"> <part-id>00345</part-id> </p:getPart> </soap:Body> </soap:Envelope>

Again, the client will HTTP POST this document to the SOAP server at: http://www.parts-depot.com/soap/servlet/messagerouter Note that this is the same URL as was used when requesting the parts list. The SOAP server peeks into this document to determine what procedure to invoke.

Data Returned - Part

<?xml version="1.0"?> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <p:getPartResponse xmlns:p="http://www.parts-depot.com"> <Part-ID>00345</Part-ID> <Name>Widget-A</Name> <Description>This part is used within the frap assembly</Description> <UnitCost currency="USD">0.10</UnitCost> <Quantity>10</Quantity> </p:getPartResponse> </soap:Body> </soap:Envelope>

Again, notice the absence of links. Thus, there is nothing in the response to enable a client to "go to the next level of detail". The information about how to go to the next level of detail must be found out-of-band.

Contrasting REST and SOAP

My company has a receiving warehouse. All letters and packages first go there, and from there they are distributed. A SOAP Server is analogous to the receiving warehouse - the SOAP Server receives all incoming SOAP messages and then distributes each message to the appropriate application for processing.

However, there is one big difference: No one in the receiving warehouse is allowed to look inside any letter or package. All decisions about what to do with letters/packages must be made purely by looking at the addressing on the outside. A SOAP Server, on the other hand, is able to "peek inside" the SOAP envelope. In fact, it must do so because the actual target resource is not specified on the outside, but rather, is hidden within the envelope.

 With REST all decisions are made based upon the URL and HTTP method. Thus, REST and SOAP have a fundamental difference in this regard.

Proxy Servers
Consider this scenario: A company has deployed 3 resources - Resource 1, Resource 2, and Resource 3 A client wishes to access Resource 1 (get a representation of Resource 1) All client requests go through a proxy server The proxy server enforces the policy that access to Resource 2 and Resource 3 is allowed. However, Resource 1 is off limits i.e.company policy prohibits accessing Resource 1 using the company's lines

REST and Proxy Servers

Resource 1

http://www.somewhere.org/Resource1

Proxy Server

Web Server

Resource 2

Youre not allowed to access Resource 1 Resource 3

REST and Proxy Servers (cont.)

The URL identifies the resource that is desired (e.g., Resource 1) The HTTP method identifies the desired operation (e.g, HTTP GET) A proxy server can decide, based upon the identified resource, and the HTTP method whether or not to allow the operation.
Desired resource Accept/reject

Method

SOAP and Proxy Servers

Resource 1
http://www.somewhere.org/soap-server

Proxy Server I cant determine if the message is allowed since I dont know what Resource it is targeting [that information is hidden in the Envelope]

Web Server

SOAP Server

Resource 2

Resource 3

SOAP and Proxy Servers

The URL is not to the target resource, but rather to a SOAP server. This makes it harder, and less likely, for a proxy server to determine which resource is actually being targeted. The proxy server would need to look inside the SOAP message to determine which resource is being requested.
Further, the proxy server would need to understand the semantics of the message:
<?xml version="1.0"?> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <getResource xmlns=""> <id>R1</id> </getResource> </soap:Body> </soap:Envelope>

Does this mean that the client is trying to access Resource 1? The proxy server must understand the semantics of every SOAP application!

REST and Caching

http://www.somewhere.org/Resource1

Cache Server

Web Server

Resource 1

I have a copy in my cache. Here it is.

2a 2b 2c

The cache shortens the distance that the client must go to get the data, thus speeding up the request.

REST and Caching (cont.)

The results of a resource request contains an indication in the HTTP header of whether these results are cacheable (and when the data will become stale). If the HTTP header says that it is cacheable, then cache servers can make a local copy. Later, if a client requests the same resource then the client can return a cached copy.
Cache Server Method = GET

Desired resource

Forward request

Return cached copy

SOAP and Caching

When you submit a SOAP message it is always with an HTTP POST, even though the intent of the message may be to "get" data.
So a cache server would not know from the HTTP method whether the client is doing a request.

Thus, with a SOAP message the cache server cannot determine (1) if data is being requested, nor (2) what resource is being requested.
Conclusion: No caching possible with SOAP!

URI to SOAP Server

Cache Server
Method = POST

"I dont know what is the target resource. Furthermore, I don't even know if the resource is being requested. So, I must forward the request. No caching"