Matthew j graham caltech nvo
This presentation is the property of its rightful owner.
Sponsored Links
1 / 9

Matthew J. Graham (Caltech, NVO) PowerPoint PPT Presentation


  • 85 Views
  • Uploaded on
  • Presentation posted in: General

T HE US N ATIONAL V IRTUAL O BSERVATORY. REST. vs. WS-*. Matthew J. Graham (Caltech, NVO). What is REST?. Representational State Transfer (Fielding 2000) A resource-oriented architectural style for web services based on the WWW architecture: Each resource has a unique identifier (URI)

Download Presentation

Matthew J. Graham (Caltech, NVO)

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Matthew j graham caltech nvo

THE US NATIONAL VIRTUAL OBSERVATORY

REST

vs

WS-*

Matthew J. Graham (Caltech, NVO)

IVOA Beijing: Grid & Web Services 2


What is rest

What is REST?

  • Representational State Transfer (Fielding 2000)

  • A resource-oriented architectural style for web services based on the WWW architecture:

    • Each resource has a unique identifier (URI)

    • Resource representations are exchanged in XML over HTTP

    • Agents employ the HTTP methods as a standard API to ensure uniform interface semantics

  • REST is about exposing resources through URIs and not services through messaging interfaces

  • REST is possible with SOAP and WSDL 2.0

IVOA Beijing: Grid & Web Services 2


Restful interfaces

RESTful interfaces

  • GET is safe: it has no side effects and is purely for retrieval

  • GET, PUT, and DELETE are idempotent: the side-effect of N > 0 identical requests is the same as for a single request

  • Atom Publishing Protocol is the canonical REST interface

  • WebDAV is not RESTful:

    • URLs are inherently hierarchical and not opaque

    • properties and locks are not separate resources

    • PROPPATCH, PROPFIND, LOCK and UNLOCK methods manipulatemetadata attached to a resource

    • 207 (Multi-Status) response code for “bundled” operations

IVOA Beijing: Grid & Web Services 2


Ws 18 months ago

WS-* (18 months ago)

  • WS-Semantics

  • WS-Topic

  • WS-Transaction

  • WS-Transaction Management

  • WS-Transfer

  • WS-Trust

  • ASAP

  • ebXML

  • MTOM

  • SAML

  • SOAP

  • SwA

  • UBL

  • UDDI

  • WSDL

  • XACML

  • XML Encryption

  • XML Signature

  • XKMS

  • + others incl. WS-KitchenSink

  • WS-I Basic Profile

  • WS-I Basic Security Profile

  • WS-Manageability

  • WS-Management

  • WS-MetadataExchange

  • WS-Notification

  • WS-Policy

  • WS-PolicyAssertions

  • WS-PolicyAttachment

  • WS-PolicyFramework

  • WS-Polling

  • WS-Provisioning

  • WS-Reliability

  • WS-ReliableMessaging

  • WS-RemotePortals

  • WS-ResourceFramework

  • WS-ResourceLifetime

  • WS-ResourceProperties

  • WS-Routing

  • WS-SecureConversation

  • WS-Security

  • WS-SecurityPolicy

  • WS-Addressing

  • WS-AtomicTransaction

  • WS-Attachments

  • WS-BaseNotification

  • WS-BPEL

  • WS-BrokeredNotification

  • WS-BusinessActivity

  • WS-CAF

  • WS-Choreography

  • WS-CDL

  • WS-Context

  • WS-Coordination

  • WS-CoordinationFramework

  • WS-Discovery

  • WS-DistributedManagement

  • WS-Enumeration

  • WS-Eventing

  • WS-ExperienceLanguage

  • WS-Federation

  • WS-GAF

  • WS-Inspection

  • WSIL

IVOA Beijing: Grid & Web Services 2


Description languages i

Description languages - I

  • WSDL:

    • Complicated

    • Difficult to describe protocols that use SOAP headers so not straightforward for WS-*

    • Operation-centric

    • Web service versioning is difficult (better in WSDL 2.0)

    • Limited modelling of interaction patterns (no more than two messages within a single exchange)

    • No choreographic information so cannot specify ordering constraints between operations

    • WSDL is immutable so no dynamic endpoints

IVOA Beijing: Grid & Web Services 2


Description languages ii

Description languages - II

  • WSDL 1.1:

    • Supports HTTP GET and POST

    • Cannot use GET with no parameters

    • Cannot mix multiple HTTP methods on one port

  • WSDL 2.0:

    • Supports HTTP GET/PUT/POST/DELETE

    • No support for JSON or binary format (need to write specification for binding rules on how to serialize)

    • Authentication limited to HTTP Basic and Digest

    • No support for links: cannot write WSDL for Atom Publishing Protocol

  • WADL:

    • Backed by Sun (wadl.java.dev.net - wadl2java)

    • http://code.google.com/p/rest-api-code-gen/

    • REST Describe (http://tomayac.de/rest-describe/latest/RestDescribe.html)

IVOA Beijing: Grid & Web Services 2


Sample wadl file

Sample WADL file

<application xmlns="http://research.sun.com/wadl/2006/10"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

xmlns:xsd="http://www.w3.org/2001/XMLSchema"

xmlns:vot="http://www.ivoa.net/xml/VOTable/v1.1"

xsi:schemaLocation="http://research.sun.com/wadl/2006/10 wadl.xsd">

<grammars>

<include href="votable.xsd"/>

</grammars>

<resources base="http://galex.stsci.edu/gxWS/ConeSearch">

<resource path="gxConeSearch.aspx">

<method name="GET">

<request>

<param name="ra" type="xsd:float" style="query"/>

<param name="dec" type="xsd:float" style="query"/>

<param name="sr" type="xsd:float" style="query"/>

</request>

<response>

<representation mediaType="text/xml" element="vot:VOTABLE"/>

</response>

</method>

</resource>

</resources>

</application>

IVOA Beijing: Grid & Web Services 2


Security

Security

  • WS-Security:

    • provides message level, end-to-end security

    • really requires WS-SecurityPolicy

    • interoperable implementations?

  • HTTP Basic:

    • Base64-encoded username/password

  • HTTP Digest:

    • MD5 hashes of username, password, authentication realm, etc.

  • SSL/TLS:

    • provides transport level, point-to-point security

  • Message authentication:

    • AWS approach using HMAC with SHA-1 hash code

  • HTTPSec for “full” message level security

IVOA Beijing: Grid & Web Services 2


Addressing state

Addressing + state

  • WS-Addressing:

    • SOAP lacks a standard way to specify where a message is going, how to return a response or where to report an error

    • provides SOAP header keywords such as: To, ReplyTo, FaultsTo, Anonymous, and MessageId/RelatesTo.

    • SAF (Store-and-forward) service is a use case that REST cannot address

  • WSRF:

    • framework for handling state

    • separates web service and state information (resource)

    • a resource has a unique key and message exchanges with the service are used to interact with the resource

    • basically equivalent to REST

IVOA Beijing: Grid & Web Services 2


  • Login