Monday, July 10, 2017

Web Services : JAX RS and JAX WS

SOAP
Simple Object Access Protocol (SOAP) is a standard protocol specification for message exchange based on XML. Communication between the web service and client happens using XML messages.

A simple web service architecture have two components
  • Client 
  • Service provider 


In order to communicate client must know some information for e.g.
  • Location of webservices server 
  • Functions available,signature and return types of function. 
  • Communication protocol 
  • Input output formats 

Service provider will create a standard XML file which will have all above information.So If this file is given to client then client will be able to access web service. This XML file is called WSDL.


What is WSDL?

WSDL stands for Web Service Description Language. It is an XML file that describes the technical details of how to implement a web service, more specifically the URI, port, method names, arguments, and data types. Since WSDL is XML, it is both human-readable and machine-consumable, which aids in the ability to call and bind to services dynamically.using this WSDL file we can understand things like,
  • Port / Endpoint – URL of the web service 
  • Input message format 
  • Output message format 
  • Security protocol that needs to be followed 
  • Which protocol the web service uses 
  • Ways to access web service:


There are two ways to access web service.
1. If Service provider knows client:If service provider knows its client then it will provide its wsdl to client and client will be able to access web service.





2. Service provider register its WSDL to UDDI and client can access it from UDDI:UDDI stands for Universal Description, Discovery and Integration.It is a directory service. Web services can register with a UDDI and make themselves available through it for discovery.So following steps are involved. 
  • Service provider registers with UDDI.
  • Client searches for service in UDDI.
  • UDDI returns all service providers offering that service.
  • Client chooses service provider
  • UDDI returns WSDL of chosen service provider.
  • Using WSDL of service provider,client accesses web service.






All details related to webservices available here:

http://docs.oracle.com/cd/E40938_01/doc.74/e40142/dev_secure_web_srvcs.htm
http://www.journaldev.com/9193/web-services-interview-questions-soap-restful#types-of-web-services


Note-:


What is the use of Accept and Content-Type Headers in HTTP Request?
These are important headers in Restful web services. Accept headers tells web service what kind of response client is accepting, so if a web service is capable of sending response in XML and JSON format and client sends Accept header as “application/xml” then XML response will be sent. For Accept header “application/json”, server will send the JSON response. Content-Type header is used to tell server what is the format of data being sent in the request. If Content-Type header is “application/xml” then server will try to parse it as XML data. This header is useful in HTTP Post and Put requests.



JAX RS


Java API for RESTful Web Services (JAX-RS) is the Java API for creating REST web services. JAX-RS uses annotations to simplify the development and deployment of web services. JAX-RS is part of JDK, so you don’t need to include anything to use it’s annotations.


There are two major implementations of JAX-RS API-:

1. Jersey: Jersey is the reference implementation provided by Sun. For using Jersey as our JAX-RS implementation, all we need to configure its servlet in web.xml and add required dependencies. Note that JAX-RS API is part of JDK not Jersey, so we have to add its dependency jars in our application.

2. RESTEasy: RESTEasy is the JBoss project that provides JAX-RS implementation.

In the web services terms, REpresentational State Transfer (REST) is a stateless client-server architecture in which the web services are viewed as resources and can be identified by their URIs. Web service clients that want to use these resources access via globally defined set of remote methods that describe the action to be performed on the resource.

It consists of two components, REST server which provides access to the resources and a REST client which accesses and modify the REST resources.

In the REST architecture style, clients and servers exchange representations of resources by using a standardized interface and protocol. REST isn't protocol specific, but when people talk about REST they usually mean REST over HTTP.

The response from server is considered as the representation of the resources. This representation can be generated from one resource or more number of resources.




Representational State Transfer refers to transferring "representations". You are using a "representation" of a resource to transfer resource state which lives on the server into application state on the client.




Why called rest?


A RESTful web service (also called a RESTful web API) is a web service implemented using HTTP and the principles of REST. It is a collection of resources, with four defined aspects:
  • the base URI for the web service, such as http://example.com/resources/
  • the Internet media type of the data supported by the web service. This is often XML but can be any other valid Internet media type providing that it is a valid hypertext standard.
  • the set of operations supported by the web service using HTTP methods (e.g., GET, PUT, POST, or DELETE).
  • The API must be hypertext driven

 <servlet>
    <servlet-name>RESTful Jersey CRUD Service</servlet-name>
    <servlet-class>org.glassfish.jersey.servlet.ServletContainer</servlet-class>
    <init-param>
        <param-name>jersey.config.server.provider.packages</param-name>
        <param-value>com.javapapers.webservices.rest.jersey</param-value>
    </init-param>
    <load-on-startup>1</load-on-startup>
  </servlet>
  <servlet-mapping>
    <servlet-name>RESTful Jersey CRUD Service</servlet-name>
    <url-pattern>/rest/*</url-pattern>
  </servlet-mapping>
In short, JAX RS has to declare resource in particular format and then client can access it using set pattern.

Basic Annotations:
@Path, @Pathparam,@GET, @PUT, @POST, @Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)


Two best resource for JAX RS-:

http://javapapers.com/web-service/restful-services-crud-with-java-jax-rs-jersey/
http://www.mkyong.com/tutorials/jax-rs-tutorials/


Security in WEB services
During the past few years, the technology industry has been working on various XML-based security schemes to provide comprehensive and unified security schemes for Web services. These schemes include:
  • XML digital signature 
  • XML Encryption 
  • XKMS (XML Key Management Specification) 
  • XACML (Extensible Access Control Markup Language) 
  • SAML (Secure Assertion Markup Language) 
  • WS-Security (Web Services Security) 
  • ebXML Message Service 
  • The Liberty Alliance Project 
for secuirty topics;
http://www.javaworld.com/article/2073287/soa/secure-web-services.html
http://javaranch.com/journal/200603/WSSecurity.html


SOAP vs REST web services

Parameter
SOAP
REST
Acronym
SOAP stands for simple object access protocol
REST stands for REpresentational State Transfer
Protocol vs Architectural style
 SOAP is a standard protocol to create web services
Rest is architectural style to create web services.
Contract
Client and Server are bind with WSDL contract
There is no contract between client and Server.
Format Support
SOAP supports only XML format
REST web services supports XML, json and plain text etc.
Maintainability
SOAP web services are hard to maintain as if we do any changes in WSDL , we need to create client stub again
REST web services are generally easy to maintain.
Service interfaces vs URI
SOAP uses Service interfaces to expose business logic
Rest uses URI to expose business logic
Security
SOAP has its own security : WS-security
Rest inherits its security from underlying transport layer.
Bandwidth
SOAP requires more bandwidth and resources as it uses XML messages to exchange information
REST requires less bandwith and resources. It can use JSON also.
Learning curve
SOAP web services are hard to learn as you need to understand WSDL , client stub
REST web services are easy to understand as you need to annotate plain java class with JAX-RS annotations to use various HTTP methods.

When to use JAX WS and JAX RS
  • JAX-WS is meant for XML based web services such as SOAP. JAX-RS does not have the same restriction.
  • JAX-WS is generally geared towards server to server interactions with well defined contracts (WSDLs) and usually when the service and client side are from separate groups. It is very resource intensive so it isn't feasible for client-to-server interactions where the network or client device capability is less than optimal.
  • JAX-RS is geared towards client to server interactions, although server-to-server is okay. As it has little service obligations, it can be tuned to whatever the client needs are.
  • However, using RESTful service APIs is akin to doing meta-programming like Ruby and Python which delays problems to run-time as there is no defined schema agreed and technically enforced upon by the two sides. As such I don't recommend RESTful services everywhere, but I would recommend it if I had control of the two sides which normally happens when you do build a web application that uses static HTML/CSS/JS and talks with a RESTful server for the data.

Other link:

2 comments:

  1. Brilliant blog I visit this blog it's incredibly awesome. Curiously, in this blog content formed doubtlessly and sensible. The substance of information is helpful.
    Workday Online Training

    ReplyDelete

Interview Prep: Java full stack

 SOLID principle :  https://www.educative.io/answers/what-are-the-solid-principles-in-java Design Pattern:  Creational:  https://medium.com...