有人能用通俗易懂的英语解释一下什么是REST,什么是SOAP吗?Web服务是如何工作的?
我想这是我能解释得最简单的了。请,任何人都欢迎纠正我或补充这一点。
SOAP是一种消息格式,用于断开连接的系统(如通过internet)交换信息/数据。它处理来回的XML消息。
Web服务传输或接收SOAP消息。它们的工作方式因所用语言不同而不同。
这两种方法都被许多大型公司采用。这是个人喜好的问题。我更喜欢REST,因为它更容易使用和理解。
简单对象访问协议(SOAP):
SOAP builds an XML protocol on top of HTTP or sometimes TCP/IP. SOAP describes functions, and types of data. SOAP is a successor of XML-RPC and is very similar, but describes a standard way to communicate. Several programming languages have native support for SOAP, you typically feed it a web service URL and you can call its web service functions without the need of specific code. Binary data that is sent must be encoded first into a format such as base64 encoded. Has several protocols and technologies relating to it: WSDL, XSDs, SOAP, WS-Addressing
具象状态转移(REST):
REST need not be over HTTP but most of my points below will have an HTTP bias. REST is very lightweight, it says wait a minute, we don't need all of this complexity that SOAP created. Typically uses normal HTTP methods instead of a big XML format describing everything. For example to obtain a resource you use HTTP GET, to put a resource on the server you use HTTP PUT. To delete a resource on the server you use HTTP DELETE. REST is a very simple in that it uses HTTP GET, POST and PUT methods to update resources on the server. REST typically is best used with Resource Oriented Architecture (ROA). In this mode of thinking everything is a resource, and you would operate on these resources. As long as your programming language has an HTTP library, and most do, you can consume a REST HTTP protocol very easily. Binary data or binary resources can simply be delivered upon their request.
在谷歌上有关于REST和SOAP的无休止的争论。
我最喜欢的是这个。 2013年11月27日更新:保罗·普莱斯科德的网站似乎已经下线,这篇文章不再可用,不过可以在Wayback Machine上找到副本,或者在CiteSeerX上以PDF格式找到。
我喜欢布莱恩·r·邦迪的回答。我只是想补充一点,维基百科对REST提供了清晰的描述。本文将它与SOAP区别开来。
REST是一种状态信息交换,尽可能简单地完成。
SOAP是一种使用XML的消息协议。
许多人从SOAP转向REST的主要原因之一是与基于SOAP的web服务相关的WS-*(称为WS splat)标准极其复杂。请参阅维基百科的规格列表。这些规范中的每一个都非常复杂。
编辑:由于某些原因链接不能正确显示。REST = http://en.wikipedia.org/wiki/REST
WS-* = http://en.wikipedia.org/wiki/WS-*
SOAP和REST都是指不同系统相互通信的方式。
REST使用的技术类似于浏览器与web服务器之间的通信:使用GET请求一个网页,在表单字段中发布,等等。
SOAP提供了类似的功能,但是通过来回发送XML块来完成所有工作。SOAP的另一个关键组件是WSDL,它是一种描述支持哪些函数和数据元素的XML文档。可以使用wsdl以编程方式“发现”支持哪些函数,以及生成编程代码存根。
SOAP的问题在于它与HTTP栈背后的理想相冲突。任何中间件都应该能够在不了解请求或响应内容的情况下处理HTTP请求,但例如,常规的HTTP缓存服务器如果不知道SOAP内容的哪些部分与缓存有关,则无法处理SOAP请求。SOAP只是使用HTTP作为它自己的通信协议的包装器,就像代理一样。
关于SOAP和REST的简单解释
SOAP -“简单对象访问协议”
SOAP是一种在Internet上传输消息或少量信息的方法。SOAP消息是XML格式的,通常使用HTTP(超文本传输协议)发送。
休息-具象状态转移
Rest是一种在客户端和服务器之间发送和接收数据的简单方法,它没有定义很多标准。您可以以JSON、XML甚至纯文本的形式发送和接收数据。与SOAP相比,它是轻量级的。
这是你能找到的最简单的解释。
这篇文章以丈夫对妻子的叙述为例,丈夫用纯外行的语言向妻子解释REST。一定要读!
如何向我的妻子解释休息(原始链接) 如何向妻子解释休息(2013-07-19工作链接)
REST
I understand the main idea of REST is extremely simple. We have used web browsers for years and we have seen how easy, flexible, performing, etc web sites are. HTML sites use hyperlinks and forms as the primary means of user interaction. Their main goal is to allow us, clients, to know only those links that we can use in the current state. And REST simply says 'why not use the same principles to drive computer rather than human clients through our application?' Combine this with the power of the WWW infrastructure and you'll get a killer tool for building great distributed applications.
另一种可能的解释是针对具有数学思维的人。每个应用程序基本上都是一个状态机,业务逻辑操作是状态转换。REST的思想是将每个转换映射到某个资源的请求上,并向客户端提供表示当前状态下可用转换的链接。因此,它通过表示和链接对状态机建模。这就是为什么它被称为具象状态传输。
It's quite surprising that all answers seem to focus either on message format, or on HTTP verbs usage. In fact, the message format doesn't matter at all, REST can use any one provided that the service developer documents it. HTTP verbs only make a service a CRUD service, but not yet RESTful. What really turns a service into a REST service are hyperlinks (aka hypermedia controls) embedded into server responses together with data, and their amount must be enough for any client to choose the next action from those links.
不幸的是,除了Roy Fielding的论文,在Web上很难找到关于REST的正确信息。(他是REST的发明人)。我推荐《REST in Practice》这本书,因为它提供了一个全面的循序渐进的教程,教你如何从SOAP演进到REST。
SOAP
这是RPC(远程过程调用)体系结构样式的一种可能形式。本质上,它只是一种允许客户端通过服务边界(网络、进程等)调用服务器方法的技术,就像调用本地方法一样。当然,它实际上与调用本地方法在速度、可靠性等方面有所不同,但思想就是这么简单。
相比
The details like transport protocols, message formats, xsd, wsdl, etc. don't matter when comparing any form of RPC to REST. The main difference is that an RPC service reinvents bicycle by designing it's own application protocol in the RPC API with the semantics that only it knows. Therefore, all clients have to understand this protocol prior to using the service, and no generic infrastructure like caches can be built because of proprietary semantics of all requests. Furthermore, RPC APIs do not suggest what actions are allowed in the current state, this has to be derived from additional documentation. REST on the other hand implies using uniform interfaces to allow various clients to have some understanding of API semantics, and hypermedia controls (links) to highlight available options in each state. Thus, it allows for caching responses to scale services and making correct API usage easily discoverable without additional documentation.
在某种程度上,SOAP(与任何其他RPC一样)试图通过服务边界进行隧道,将连接媒体视为只能传输消息的黑盒。REST决定承认Web是一个巨大的分布式信息系统,接受世界的现状并学会掌握它,而不是与之对抗。
当您同时控制服务器和客户端,并且交互不太复杂时,SOAP似乎非常适合内部网络api。开发人员更自然地使用它。然而,对于一个被许多独立方使用的公共API来说,它既复杂又庞大,REST应该更适合它。但最后这个比较非常模糊。
更新
My experience has unexpectedly shown REST development to be more difficult than SOAP. At least for .NET. While there are great frameworks like ASP.NET Web API, there's no tooling that would automatically generate client-side proxy. Nothing like 'Add Web Service Reference' or 'Add WCF Service Reference'. One has to write all serialization and service querying code by hand. And man, that's lots of boilerplate code. I think REST development needs something similar to WSDL and tooling implementation for each development platform. In fact, there seems to be a good ground: WADL or WSDL 2.0, but neither of the standards seems to be well-supported.
更新(2016年1月)
事实证明,现在有各种各样的REST API定义工具。目前我的个人偏好是RAML。
Web服务如何工作
嗯,这是一个过于宽泛的问题,因为它取决于特定web服务中使用的架构和技术。但一般来说,web服务只是web中的某个应用程序,它可以接受来自客户机的请求并返回响应。它暴露在网络上,因此它是一种网络服务,它通常是全天候可用的,这就是为什么它是一种服务。当然,它为客户端解决了一些问题(否则为什么有人会使用web服务)。
我将从第二个问题开始:什么是Web服务?原因显而易见。
WebServices本质上是公开某些功能或数据的逻辑片段(您可以模糊地将其称为方法)。客户端实现(技术上讲,消费是这个词)只需要知道方法将要接受的参数是什么,以及它将要返回的数据类型(如果它确实要返回的话)。
下面的链接以极其清晰的方式讲述了关于REST和SOAP的一切。
REST vs SOAP
如果您还想知道什么时候选择什么(REST或SOAP),那么更有理由经历它!
REST是一种用于设计网络应用程序的体系结构风格。其思想是,使用简单的HTTP在机器之间进行调用,而不是使用复杂的机制(如CORBA、RPC或SOAP)来连接机器。
基于soap的Web服务 简而言之,基于soap的服务模型将世界视为一个由相互平等的对等点组成的生态系统,这些对等点不能相互控制,但必须通过遵守已发布的契约来共同工作。这是有效的 混乱的现实世界的模型,以及基于元数据的契约形成SOAP服务接口。
我们仍然可以将SOAP与基于xml的远程过程调用相关联,但是基于SOAP的Web服务技术已经成为一种灵活而强大的消息传递模型。
SOAP假定所有系统都是独立的,并且没有系统知道其他系统的内部信息和内部功能。 这样的系统最多能做的就是互相发送消息,并希望它们能被采取行动。系统发布它们承诺遵守的契约,而其他系统依赖这些契约与它们交换消息。
Contracts between systems are collectively called metadata, and comprise service descriptions, the message exchange patterns supported and the policies governing qualities of service (a service may need to be encrypted, reliably delivered, etc.) A service description, in turn, is a detailed specification of the data (message documents) that will be sent and received by the system. The documents are described using an XML description language like XML Schema Definition. As long as all systems honor their published contracts, they can inter operate, and changes to the internals of systems never affect any other. Every system is responsible for translating its own internal implementations to and from its contracts
REST -具象状态传输。物理 协议是HTTP。基本上,REST是指web上所有可以通过URL唯一识别的不同资源。可以在这些资源上执行的所有操作都可以用一组有限的动词(“CRUD”动词)来描述,这些动词又映射到HTTP动词。
REST的“重量级”比SOAP少得多。
web服务的工作
SOAP -简单对象访问协议是一个协议!
具象状态传输是一种架构风格!
SOAP是一种用于传输消息的XML协议,通常通过HTTP传输
REST和SOAP可以说不是相互排斥的。基于rest的体系结构可能使用HTTP或SOAP或其他通信协议。REST针对web进行了优化,因此HTTP是一个完美的选择。HTTP也是Roy Fielding论文中讨论的唯一协议。
尽管REST和SOAP显然非常不同,但这个问题确实说明了REST和HTTP经常是串联使用的事实。这主要是由于HTTP的简单性及其与RESTful原则的非常自然的映射。
REST基本原则
客户端和服务器之间的通信
客户机-服务器体系结构具有非常明显的关注点分离。所有以RESTful风格构建的应用程序原则上也必须是客户机-服务器。
无状态的
每个客户端对服务器的请求都要求完全表示其状态。服务器必须能够在不使用任何服务器上下文或服务器会话状态的情况下完全理解客户端请求。因此,所有的状态都必须保存在客户机上。稍后我们将更详细地讨论无状态表示。
缓存
可以使用缓存约束,从而将响应数据标记为可缓存或不可缓存。任何标记为可缓存的数据都可以被重用作为对相同后续请求的响应。
统一的接口
All components must interact through a single uniform interface. Because all component interaction occurs via this interface, interaction with different services is very simple. The interface is the same! This also means that implementation changes can be made in isolation. Such changes, will not affect fundamental component interaction because the uniform interface is always unchanged. One disadvantage is that you are stuck with the interface. If an optimization could be provided to a specific service by changing the interface, you are out of luck as REST prohibits this. On the bright side, however, REST is optimized for the web, hence incredible popularity of REST over HTTP!
上述概念代表了REST的定义特征,并将REST体系结构与其他体系结构(如web服务)区分开来。值得注意的是,REST服务是web服务,但web服务不一定是REST服务。
请参阅关于REST设计原则的博客文章,了解更多关于REST和上述要点的详细信息。
SOAP web服务和REST web服务都可以使用HTTP协议和其他协议(只是提到SOAP可以是REST的底层协议)。我将只讨论与SOAP和REST相关的HTTP协议,因为这是它们最常用的用法。
SOAP
SOAP(“简单”对象访问协议)是一种协议(也是W3C标准)。它定义了如何创建、发送和处理SOAP消息。
SOAP messages are XML documents with a specific structure: they contain an envelope which contains the header and the body section. The body contains the actual data - we want to send - in an XML format. There are two encoding styles, but we usually choose literal, which means that our application or its SOAP driver does the XML serialization and unserialization of the data. SOAP messages travel as HTTP messages with SOAP+XML MIME subtype. These HTTP messages can be multipart, so optionally we can attach files to SOAP messages. Obviously we use a client-server architecture, so the SOAP clients send requests to the SOAP webserices and the services send back responses to the clients. Most of the webservices use a WSDL file to describe the service. The WSDL file contains the XML Schema (XSD hereafter) of the data we want to send and the WSDL binding which defines how the webservice is bound to the HTTP protocol. There are two binding styles: RPC and document. By the RPC style binding the SOAP body contains the representation of an operation call with the parameters (HTTP requests) or the return values (HTTP response). The parameters and return values are validated against the XSD. By the document style binding the SOAP body contains an XML document which is validated against the XSD. I think the document binding style is better suited to event based systems, but I never used that binding style. The RPC binding style is more prevalent, so most people use SOAP for XML/RPC purposes by distributed applications. The webservices usually find each other by asking an UDDI server. UDDI servers are registries which store the location of the webservices.
SOAP RPC
因此,在我看来,最流行的SOAP web服务使用RPC绑定样式和文字编码样式,它具有以下属性:
It maps URLs to operations. It sends messages with SOAP+XML MIME subtype. It can have a server side session store, there are no constraints about that. The SOAP client drivers use the WSDL file of the service to convert the RPC operations into methods. The client side application communicates with the SOAP webservice by calling these methods. So most of the SOAP clients break by interface changes (resulting method names and/or parameter changes). It is possible to write SOAP clients which won't break by interface changes using RDF and find operations by semantics, but semantic webservice are very rare and they don't necessarily have a non breaking client (I guess).
REST
REST (representational state transfer) is an architecture style which is described in the dissertation of Roy Fielding. It does not concern about protocols like SOAP does. It starts with a null architecture style having no constraints and defines the constraints of the REST architecture one by one. People use the term RESTful for webservices which fulfill all of the REST constraints, but according to Roy Fielding, there are no such things as REST levels. When a webservice does not meet with every single REST constraint, then it is not a REST webservice.
其他约束
Client - server architecture - I think this part is familiar to everyone. The REST clients communicate with the REST webservices, the webservices maintain the common data - resource state hereafter - and serve it to the clients. Stateless - The "state transfer" part of the abbreviation: REST. The clients maintain the client state (session/application state), so the services must not have a session storage. The clients transfer the relevant part of the client state by every request to the services which respond with the relevant part of the resource state (maintained by them). So requests don't have context, they always contain the necessary information to process them. For example by HTTP basic auth the username and the password is stored by the client, and it sends them with every request, so authentication happens by every request. This is very different from regular webapplications where authentication happens only by login. We can use any client side data storage mechanism like in-memory(javascript), cookies, localStorage, and so on... to persist some parts of the client state if we want. The reason of the statelessness constraint, that the server scales well - even by very high load (millions of users) - when it does not have to maintain the session of every single client. Cache - The response must contain information about it can be cached by the client or not. This improves scalability further. Uniform interface Identification of resources - REST resource is the same as RDF resource. According to Fielding if you can name something, then it can be a resource, for example: "the current local weather" can be a resource, or "your mobile phone" can be a resource, or "a specific web document" can be a resource. To identify a resource you can use resource identifiers: URLs and URNs (for example ISBN number by books). A single identifier should belong only to a specific resource, but a single resource can have many identifiers, which we frequently exploit for example by pagination with URLs like https://example.com/api/v1/users?offset=50&count=25. URLs have some specifications, for example URLs with the same pathes but different queries are not identical, or the path part should contain the hierarhical data of the URL and the query part should contain the non-hierarchical data. These are the basics of how to create URLs by REST. Btw. the URL structure does matter only for the service developers, a real REST client does not concern with it. Another frequently asked question is API versioning, which is an easy one, because according to Fielding the only constant thing by resource is semantics. If the semantics change, then you can add a new version number. You can use classical 3 number versioning and add only the major number to the URLs (https://example.com/api/v1/). So by backward compatible changes nothing happens, by non-backward compatible changes you will have a non-backward compatible semantics with a new API root https://example.com/api/v2/. So the old clients won't break, because they can use the https://example.com/api/v1/ with the old semantics. Manipulation of resources through representations - You can manipulate the data related to resources (resource state) by sending the intended representation of the resources - along with the HTTP method and the resource identifier - to the REST service. For example if you want to rename a user after marriage, you can send a PATCH https://example.com/api/v1/users/1 {name: "Mrs Smith"} request where the {name: "Mrs Smith"} is a JSON representation of the intended resource state, in other words: the new name. This happens vica-versa, the service sends representations of resources to the clients in order to change their states. For example if we want to read the new name, we can send a GET https://example.com/api/v1/users/1?fields="name" retrieval request, which results in a 200 ok, {name: "Mrs Smith"} response. So we can use this representation to change the client state, for example we can display a "Welcome to our page Mrs Smith!" message. A resource can have many representations depending on the resource identifier (URL) or the accept header we sent with the request. For example we can send an image of Mrs Smith (probably not nude) if image/jpeg is requested. Self-descriptive messages - Messages must contain information about how to process them. For example URI and HTTP method, content-type header, cache headers, RDF which describes the meaning of the data, etc... It is important to use standard methods. It is important to know the specification of the HTTP methods. For example GET means retrieving information identified by the request URL, DELETE means asking the server to delete the resource identified by the given URL, and so on... HTTP status codes have a specification as well, for example 200 means success, 201 means the a new resource has been created, 404 means that the requested resource was not found on the server, etc... Using existing standards is an important part of REST. Hypermedia as the engine of application state (HATEOAS hereafter) - Hypermedia is a media type which can contain hyperlinks. By the web we follow links - described by a hypermedia format (usually HTML) - to achieve a goal, instead of typing the URLs into the addres bar. REST follows the same concept, the representations sent by the service can contain hyperlinks. We use these hyperlinks to send requests to the service. With the response we get data (and probably more links) which we can use to build the new client state, and so on... So that's why hypermedia is the engine of application state (client state). You probably wonder how do clients recognize and follow the hyperlinks? By humans it is pretty simple, we read the title of the link, maybe fill input fields, and after that just a single click. By machines we have to add semantics to the links with RDF (by JSON-LD with Hydra) or with hypermedia specific solutions (for example IANA link relations and vendor specific MIME types by HAL+JSON). There are many machine readable XML and JSON hypermedia formats, just a short list of them: XHTML ATOM+XML RDF+XML HAL+XML HAL+JSON JSON-LD RDF+JSON Siren Collection+JSON Sometimes it is hard to choose... Layered system - We can use multiple layers between the clients and the services. None of them should know about all of these additonal layers, just of layer right next to it. These layers can improve scalability by applying caches and load balancing or they can enforce security policies. Code on demand - We can send back code which extends the functionality of the client, for example javascript code to a browser. This is the only optional constraint of REST.
REST web服务与SOAP RPC web服务的区别
因此,REST web服务与SOAP web服务(具有RPC绑定样式和文字编码样式)非常不同。
It defines an uniform interface (intead of a protocol). It maps URLs to resources (and not operations). It sends messages with any MIME types (instead of just SOAP+XML). It has a stateless communication, and so it cannot have a server side session storage. (SOAP has no constraint about this) It serves hypermedia and the clients use links contained by that hypermedia to request the service. (SOAP RPC uses operation bindings described in the WSDL file) It does not break by URL changes only by semantics changes. (SOAP RPC clients without using RDF semantics break by WSDL file changes.) It scales better than a SOAP webservice because of its stateless behavior.
等等……
SOAP RPC web服务不满足所有REST约束:
客户-服务器架构——总是这样 无状态-可能 缓存-可能 统一接口-从不 分层系统-从不 按需编码(可选)-可能
SOAP -“简单对象访问协议”
SOAP是一种在Internet上传输消息或少量信息的简单方法。SOAP消息是XML格式的,通常在发送时控制HTTP。
REST -“具象状态传输”
REST是风扇和服务器之间的可能性和接收信息的基本过程,它没有明确定义许多标准。您可以以JSON、XML甚至纯文本的形式发送和接受信息。与SOAP相比,它是轻量级的。
推荐文章
- 如何在package.json中使用“main”参数?
- 跨REST微服务的事务?
- 致命错误:未找到类“SoapClient”
- 调用webrequest, POST参数
- 如何在Spring RestTemplate请求上设置“接受:”头?
- REST API最佳实践:查询字符串中的参数vs请求体中的参数
- Java中SOAP和rest式web服务的主要区别
- 最简单的SOAP示例
- 如何为Java创建REST客户端?
- file_get_contents(): SSL operation failed with code 1, failed to enable crypto
- 在HttpClient和WebClient之间进行选择
- 执行没有实体主体的HTTP POST被认为是不好的做法吗?
- JavaScript/jQuery下载文件通过POST与JSON数据
- 基于Spring的RESTful认证
- 使用Python向RESTful API发出请求