slide1
Download
Skip this Video
Download Presentation
Matthew J. Graham (Caltech, NVO)

Loading in 2 Seconds...

play fullscreen
1 / 9

Matthew J. Graham (Caltech, NVO) - PowerPoint PPT Presentation


  • 117 Views
  • Uploaded on

T HE US N ATIONAL V IRTUAL O BSERVATORY. REST. vs. WS-*. Matthew J. Graham (Caltech, NVO). What is REST?. Representational State Transfer (Fielding 2000) A resource-oriented architectural style for web services based on the WWW architecture: Each resource has a unique identifier (URI)

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Matthew J. Graham (Caltech, NVO)' - emil


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
slide1

THE US NATIONAL VIRTUAL OBSERVATORY

REST

vs

WS-*

Matthew J. Graham (Caltech, NVO)

IVOA Beijing: Grid & Web Services 2

what is rest
What is REST?
  • Representational State Transfer (Fielding 2000)
  • A resource-oriented architectural style for web services based on the WWW architecture:
    • Each resource has a unique identifier (URI)
    • Resource representations are exchanged in XML over HTTP
    • Agents employ the HTTP methods as a standard API to ensure uniform interface semantics
  • REST is about exposing resources through URIs and not services through messaging interfaces
  • REST is possible with SOAP and WSDL 2.0

IVOA Beijing: Grid & Web Services 2

restful interfaces
RESTful interfaces
  • GET is safe: it has no side effects and is purely for retrieval
  • GET, PUT, and DELETE are idempotent: the side-effect of N > 0 identical requests is the same as for a single request
  • Atom Publishing Protocol is the canonical REST interface
  • WebDAV is not RESTful:
    • URLs are inherently hierarchical and not opaque
    • properties and locks are not separate resources
    • PROPPATCH, PROPFIND, LOCK and UNLOCK methods manipulatemetadata attached to a resource
    • 207 (Multi-Status) response code for “bundled” operations

IVOA Beijing: Grid & Web Services 2

ws 18 months ago
WS-* (18 months ago)
  • WS-Semantics
  • WS-Topic
  • WS-Transaction
  • WS-Transaction Management
  • WS-Transfer
  • WS-Trust
  • ASAP
  • ebXML
  • MTOM
  • SAML
  • SOAP
  • SwA
  • UBL
  • UDDI
  • WSDL
  • XACML
  • XML Encryption
  • XML Signature
  • XKMS
  • + others incl. WS-KitchenSink
  • WS-I Basic Profile
  • WS-I Basic Security Profile
  • WS-Manageability
  • WS-Management
  • WS-MetadataExchange
  • WS-Notification
  • WS-Policy
  • WS-PolicyAssertions
  • WS-PolicyAttachment
  • WS-PolicyFramework
  • WS-Polling
  • WS-Provisioning
  • WS-Reliability
  • WS-ReliableMessaging
  • WS-RemotePortals
  • WS-ResourceFramework
  • WS-ResourceLifetime
  • WS-ResourceProperties
  • WS-Routing
  • WS-SecureConversation
  • WS-Security
  • WS-SecurityPolicy
  • WS-Addressing
  • WS-AtomicTransaction
  • WS-Attachments
  • WS-BaseNotification
  • WS-BPEL
  • WS-BrokeredNotification
  • WS-BusinessActivity
  • WS-CAF
  • WS-Choreography
  • WS-CDL
  • WS-Context
  • WS-Coordination
  • WS-CoordinationFramework
  • WS-Discovery
  • WS-DistributedManagement
  • WS-Enumeration
  • WS-Eventing
  • WS-ExperienceLanguage
  • WS-Federation
  • WS-GAF
  • WS-Inspection
  • WSIL

IVOA Beijing: Grid & Web Services 2

description languages i
Description languages - I
  • WSDL:
    • Complicated
    • Difficult to describe protocols that use SOAP headers so not straightforward for WS-*
    • Operation-centric
    • Web service versioning is difficult (better in WSDL 2.0)
    • Limited modelling of interaction patterns (no more than two messages within a single exchange)
    • No choreographic information so cannot specify ordering constraints between operations
    • WSDL is immutable so no dynamic endpoints

IVOA Beijing: Grid & Web Services 2

description languages ii
Description languages - II
  • WSDL 1.1:
    • Supports HTTP GET and POST
    • Cannot use GET with no parameters
    • Cannot mix multiple HTTP methods on one port
  • WSDL 2.0:
    • Supports HTTP GET/PUT/POST/DELETE
    • No support for JSON or binary format (need to write specification for binding rules on how to serialize)
    • Authentication limited to HTTP Basic and Digest
    • No support for links: cannot write WSDL for Atom Publishing Protocol
  • WADL:
    • Backed by Sun (wadl.java.dev.net - wadl2java)
    • http://code.google.com/p/rest-api-code-gen/
    • REST Describe (http://tomayac.de/rest-describe/latest/RestDescribe.html)

IVOA Beijing: Grid & Web Services 2

sample wadl file
Sample WADL file

<application xmlns="http://research.sun.com/wadl/2006/10"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

xmlns:xsd="http://www.w3.org/2001/XMLSchema"

xmlns:vot="http://www.ivoa.net/xml/VOTable/v1.1"

xsi:schemaLocation="http://research.sun.com/wadl/2006/10 wadl.xsd">

<grammars>

<include href="votable.xsd"/>

</grammars>

<resources base="http://galex.stsci.edu/gxWS/ConeSearch">

<resource path="gxConeSearch.aspx">

<method name="GET">

<request>

<param name="ra" type="xsd:float" style="query"/>

<param name="dec" type="xsd:float" style="query"/>

<param name="sr" type="xsd:float" style="query"/>

</request>

<response>

<representation mediaType="text/xml" element="vot:VOTABLE"/>

</response>

</method>

</resource>

</resources>

</application>

IVOA Beijing: Grid & Web Services 2

security
Security
  • WS-Security:
    • provides message level, end-to-end security
    • really requires WS-SecurityPolicy
    • interoperable implementations?
  • HTTP Basic:
    • Base64-encoded username/password
  • HTTP Digest:
    • MD5 hashes of username, password, authentication realm, etc.
  • SSL/TLS:
    • provides transport level, point-to-point security
  • Message authentication:
    • AWS approach using HMAC with SHA-1 hash code
  • HTTPSec for “full” message level security

IVOA Beijing: Grid & Web Services 2

addressing state
Addressing + state
  • WS-Addressing:
    • SOAP lacks a standard way to specify where a message is going, how to return a response or where to report an error
    • provides SOAP header keywords such as: To, ReplyTo, FaultsTo, Anonymous, and MessageId/RelatesTo.
    • SAF (Store-and-forward) service is a use case that REST cannot address
  • WSRF:
    • framework for handling state
    • separates web service and state information (resource)
    • a resource has a unique key and message exchanges with the service are used to interact with the resource
    • basically equivalent to REST

IVOA Beijing: Grid & Web Services 2

ad