有人能用通俗易懂的英语解释一下什么是REST,什么是SOAP吗?Web服务是如何工作的?
当前回答
基于soap的Web服务 简而言之,基于soap的服务模型将世界视为一个由相互平等的对等点组成的生态系统,这些对等点不能相互控制,但必须通过遵守已发布的契约来共同工作。这是有效的 混乱的现实世界的模型,以及基于元数据的契约形成SOAP服务接口。
我们仍然可以将SOAP与基于xml的远程过程调用相关联,但是基于SOAP的Web服务技术已经成为一种灵活而强大的消息传递模型。
SOAP假定所有系统都是独立的,并且没有系统知道其他系统的内部信息和内部功能。 这样的系统最多能做的就是互相发送消息,并希望它们能被采取行动。系统发布它们承诺遵守的契约,而其他系统依赖这些契约与它们交换消息。
Contracts between systems are collectively called metadata, and comprise service descriptions, the message exchange patterns supported and the policies governing qualities of service (a service may need to be encrypted, reliably delivered, etc.) A service description, in turn, is a detailed specification of the data (message documents) that will be sent and received by the system. The documents are described using an XML description language like XML Schema Definition. As long as all systems honor their published contracts, they can inter operate, and changes to the internals of systems never affect any other. Every system is responsible for translating its own internal implementations to and from its contracts
REST -具象状态传输。物理 协议是HTTP。基本上,REST是指web上所有可以通过URL唯一识别的不同资源。可以在这些资源上执行的所有操作都可以用一组有限的动词(“CRUD”动词)来描述,这些动词又映射到HTTP动词。
REST的“重量级”比SOAP少得多。
web服务的工作
其他回答
SOAP的问题在于它与HTTP栈背后的理想相冲突。任何中间件都应该能够在不了解请求或响应内容的情况下处理HTTP请求,但例如,常规的HTTP缓存服务器如果不知道SOAP内容的哪些部分与缓存有关,则无法处理SOAP请求。SOAP只是使用HTTP作为它自己的通信协议的包装器,就像代理一样。
SOAP -“简单对象访问协议”
SOAP是一种在Internet上传输消息或少量信息的简单方法。SOAP消息是XML格式的,通常在发送时控制HTTP。
REST -“具象状态传输”
REST是风扇和服务器之间的可能性和接收信息的基本过程,它没有明确定义许多标准。您可以以JSON、XML甚至纯文本的形式发送和接受信息。与SOAP相比,它是轻量级的。
SOAP和REST都是指不同系统相互通信的方式。
REST使用的技术类似于浏览器与web服务器之间的通信:使用GET请求一个网页,在表单字段中发布,等等。
SOAP提供了类似的功能,但是通过来回发送XML块来完成所有工作。SOAP的另一个关键组件是WSDL,它是一种描述支持哪些函数和数据元素的XML文档。可以使用wsdl以编程方式“发现”支持哪些函数,以及生成编程代码存根。
SOAP -简单对象访问协议是一个协议!
具象状态传输是一种架构风格!
SOAP是一种用于传输消息的XML协议,通常通过HTTP传输
REST和SOAP可以说不是相互排斥的。基于rest的体系结构可能使用HTTP或SOAP或其他通信协议。REST针对web进行了优化,因此HTTP是一个完美的选择。HTTP也是Roy Fielding论文中讨论的唯一协议。
尽管REST和SOAP显然非常不同,但这个问题确实说明了REST和HTTP经常是串联使用的事实。这主要是由于HTTP的简单性及其与RESTful原则的非常自然的映射。
REST基本原则
客户端和服务器之间的通信
客户机-服务器体系结构具有非常明显的关注点分离。所有以RESTful风格构建的应用程序原则上也必须是客户机-服务器。
无状态的
每个客户端对服务器的请求都要求完全表示其状态。服务器必须能够在不使用任何服务器上下文或服务器会话状态的情况下完全理解客户端请求。因此,所有的状态都必须保存在客户机上。稍后我们将更详细地讨论无状态表示。
缓存
可以使用缓存约束,从而将响应数据标记为可缓存或不可缓存。任何标记为可缓存的数据都可以被重用作为对相同后续请求的响应。
统一的接口
All components must interact through a single uniform interface. Because all component interaction occurs via this interface, interaction with different services is very simple. The interface is the same! This also means that implementation changes can be made in isolation. Such changes, will not affect fundamental component interaction because the uniform interface is always unchanged. One disadvantage is that you are stuck with the interface. If an optimization could be provided to a specific service by changing the interface, you are out of luck as REST prohibits this. On the bright side, however, REST is optimized for the web, hence incredible popularity of REST over HTTP!
上述概念代表了REST的定义特征,并将REST体系结构与其他体系结构(如web服务)区分开来。值得注意的是,REST服务是web服务,但web服务不一定是REST服务。
请参阅关于REST设计原则的博客文章,了解更多关于REST和上述要点的详细信息。
SOAP web服务和REST web服务都可以使用HTTP协议和其他协议(只是提到SOAP可以是REST的底层协议)。我将只讨论与SOAP和REST相关的HTTP协议,因为这是它们最常用的用法。
SOAP
SOAP(“简单”对象访问协议)是一种协议(也是W3C标准)。它定义了如何创建、发送和处理SOAP消息。
SOAP messages are XML documents with a specific structure: they contain an envelope which contains the header and the body section. The body contains the actual data - we want to send - in an XML format. There are two encoding styles, but we usually choose literal, which means that our application or its SOAP driver does the XML serialization and unserialization of the data. SOAP messages travel as HTTP messages with SOAP+XML MIME subtype. These HTTP messages can be multipart, so optionally we can attach files to SOAP messages. Obviously we use a client-server architecture, so the SOAP clients send requests to the SOAP webserices and the services send back responses to the clients. Most of the webservices use a WSDL file to describe the service. The WSDL file contains the XML Schema (XSD hereafter) of the data we want to send and the WSDL binding which defines how the webservice is bound to the HTTP protocol. There are two binding styles: RPC and document. By the RPC style binding the SOAP body contains the representation of an operation call with the parameters (HTTP requests) or the return values (HTTP response). The parameters and return values are validated against the XSD. By the document style binding the SOAP body contains an XML document which is validated against the XSD. I think the document binding style is better suited to event based systems, but I never used that binding style. The RPC binding style is more prevalent, so most people use SOAP for XML/RPC purposes by distributed applications. The webservices usually find each other by asking an UDDI server. UDDI servers are registries which store the location of the webservices.
SOAP RPC
因此,在我看来,最流行的SOAP web服务使用RPC绑定样式和文字编码样式,它具有以下属性:
It maps URLs to operations. It sends messages with SOAP+XML MIME subtype. It can have a server side session store, there are no constraints about that. The SOAP client drivers use the WSDL file of the service to convert the RPC operations into methods. The client side application communicates with the SOAP webservice by calling these methods. So most of the SOAP clients break by interface changes (resulting method names and/or parameter changes). It is possible to write SOAP clients which won't break by interface changes using RDF and find operations by semantics, but semantic webservice are very rare and they don't necessarily have a non breaking client (I guess).
REST
REST (representational state transfer) is an architecture style which is described in the dissertation of Roy Fielding. It does not concern about protocols like SOAP does. It starts with a null architecture style having no constraints and defines the constraints of the REST architecture one by one. People use the term RESTful for webservices which fulfill all of the REST constraints, but according to Roy Fielding, there are no such things as REST levels. When a webservice does not meet with every single REST constraint, then it is not a REST webservice.
其他约束
Client - server architecture - I think this part is familiar to everyone. The REST clients communicate with the REST webservices, the webservices maintain the common data - resource state hereafter - and serve it to the clients. Stateless - The "state transfer" part of the abbreviation: REST. The clients maintain the client state (session/application state), so the services must not have a session storage. The clients transfer the relevant part of the client state by every request to the services which respond with the relevant part of the resource state (maintained by them). So requests don't have context, they always contain the necessary information to process them. For example by HTTP basic auth the username and the password is stored by the client, and it sends them with every request, so authentication happens by every request. This is very different from regular webapplications where authentication happens only by login. We can use any client side data storage mechanism like in-memory(javascript), cookies, localStorage, and so on... to persist some parts of the client state if we want. The reason of the statelessness constraint, that the server scales well - even by very high load (millions of users) - when it does not have to maintain the session of every single client. Cache - The response must contain information about it can be cached by the client or not. This improves scalability further. Uniform interface Identification of resources - REST resource is the same as RDF resource. According to Fielding if you can name something, then it can be a resource, for example: "the current local weather" can be a resource, or "your mobile phone" can be a resource, or "a specific web document" can be a resource. To identify a resource you can use resource identifiers: URLs and URNs (for example ISBN number by books). A single identifier should belong only to a specific resource, but a single resource can have many identifiers, which we frequently exploit for example by pagination with URLs like https://example.com/api/v1/users?offset=50&count=25. URLs have some specifications, for example URLs with the same pathes but different queries are not identical, or the path part should contain the hierarhical data of the URL and the query part should contain the non-hierarchical data. These are the basics of how to create URLs by REST. Btw. the URL structure does matter only for the service developers, a real REST client does not concern with it. Another frequently asked question is API versioning, which is an easy one, because according to Fielding the only constant thing by resource is semantics. If the semantics change, then you can add a new version number. You can use classical 3 number versioning and add only the major number to the URLs (https://example.com/api/v1/). So by backward compatible changes nothing happens, by non-backward compatible changes you will have a non-backward compatible semantics with a new API root https://example.com/api/v2/. So the old clients won't break, because they can use the https://example.com/api/v1/ with the old semantics. Manipulation of resources through representations - You can manipulate the data related to resources (resource state) by sending the intended representation of the resources - along with the HTTP method and the resource identifier - to the REST service. For example if you want to rename a user after marriage, you can send a PATCH https://example.com/api/v1/users/1 {name: "Mrs Smith"} request where the {name: "Mrs Smith"} is a JSON representation of the intended resource state, in other words: the new name. This happens vica-versa, the service sends representations of resources to the clients in order to change their states. For example if we want to read the new name, we can send a GET https://example.com/api/v1/users/1?fields="name" retrieval request, which results in a 200 ok, {name: "Mrs Smith"} response. So we can use this representation to change the client state, for example we can display a "Welcome to our page Mrs Smith!" message. A resource can have many representations depending on the resource identifier (URL) or the accept header we sent with the request. For example we can send an image of Mrs Smith (probably not nude) if image/jpeg is requested. Self-descriptive messages - Messages must contain information about how to process them. For example URI and HTTP method, content-type header, cache headers, RDF which describes the meaning of the data, etc... It is important to use standard methods. It is important to know the specification of the HTTP methods. For example GET means retrieving information identified by the request URL, DELETE means asking the server to delete the resource identified by the given URL, and so on... HTTP status codes have a specification as well, for example 200 means success, 201 means the a new resource has been created, 404 means that the requested resource was not found on the server, etc... Using existing standards is an important part of REST. Hypermedia as the engine of application state (HATEOAS hereafter) - Hypermedia is a media type which can contain hyperlinks. By the web we follow links - described by a hypermedia format (usually HTML) - to achieve a goal, instead of typing the URLs into the addres bar. REST follows the same concept, the representations sent by the service can contain hyperlinks. We use these hyperlinks to send requests to the service. With the response we get data (and probably more links) which we can use to build the new client state, and so on... So that's why hypermedia is the engine of application state (client state). You probably wonder how do clients recognize and follow the hyperlinks? By humans it is pretty simple, we read the title of the link, maybe fill input fields, and after that just a single click. By machines we have to add semantics to the links with RDF (by JSON-LD with Hydra) or with hypermedia specific solutions (for example IANA link relations and vendor specific MIME types by HAL+JSON). There are many machine readable XML and JSON hypermedia formats, just a short list of them: XHTML ATOM+XML RDF+XML HAL+XML HAL+JSON JSON-LD RDF+JSON Siren Collection+JSON Sometimes it is hard to choose... Layered system - We can use multiple layers between the clients and the services. None of them should know about all of these additonal layers, just of layer right next to it. These layers can improve scalability by applying caches and load balancing or they can enforce security policies. Code on demand - We can send back code which extends the functionality of the client, for example javascript code to a browser. This is the only optional constraint of REST.
REST web服务与SOAP RPC web服务的区别
因此,REST web服务与SOAP web服务(具有RPC绑定样式和文字编码样式)非常不同。
It defines an uniform interface (intead of a protocol). It maps URLs to resources (and not operations). It sends messages with any MIME types (instead of just SOAP+XML). It has a stateless communication, and so it cannot have a server side session storage. (SOAP has no constraint about this) It serves hypermedia and the clients use links contained by that hypermedia to request the service. (SOAP RPC uses operation bindings described in the WSDL file) It does not break by URL changes only by semantics changes. (SOAP RPC clients without using RDF semantics break by WSDL file changes.) It scales better than a SOAP webservice because of its stateless behavior.
等等……
SOAP RPC web服务不满足所有REST约束:
客户-服务器架构——总是这样 无状态-可能 缓存-可能 统一接口-从不 分层系统-从不 按需编码(可选)-可能
推荐文章
- 致命错误:未找到类“SoapClient”
- 调用webrequest, POST参数
- 如何在Spring RestTemplate请求上设置“接受:”头?
- REST API最佳实践:查询字符串中的参数vs请求体中的参数
- Java中SOAP和rest式web服务的主要区别
- 最简单的SOAP示例
- 如何为Java创建REST客户端?
- file_get_contents(): SSL operation failed with code 1, failed to enable crypto
- 在HttpClient和WebClient之间进行选择
- 执行没有实体主体的HTTP POST被认为是不好的做法吗?
- JavaScript/jQuery下载文件通过POST与JSON数据
- 基于Spring的RESTful认证
- 使用Python向RESTful API发出请求
- JAX-RS -如何返回JSON和HTTP状态码一起?
- REST vs JSON-RPC?