Roman Roman - 28 days ago 7
reST (reStructuredText) Question

Why do we need RESTful Web Services?

I'm going to learn RESTful web services (it's better to say that I'll have to do this because it's a part of CS master degree program).

I've read some info in Wikipedia and I've also read an article about REST at Sun Developer Network and I see that it's not easy technology, there are special frameworks for building RESTful apps, and it's often being compared to SOAP web services and programmer should understand when to use SOAP and when REST could be nice approach.

I remember that several years ago SOAP was very popular (fashionable?) and item 'SOAP' had to be present in every good CV. But in practice it was used very rarely and for achieving very simple purposes.

It seems to me that REST is another 'last word of fashion' (or I can be totally wrong because I haven't ever seen REST in practice).

Can you give me some examples were REST should be used and why we can't do the same without REST (or why we should spend much more time to do the same without REST)?

UPD: Unfortunatelly I can't see any concrete arguments which can blow my mind in first comments. Make me think that REST is awesome technology!

I'd like to see answers like this:


I was developing another complex
HelloWorld application and we need to
transfer lots of / tiny data and I
proposed REST solution to my workmate:

– Oh, damn! Jonny, we should
certainly use REST for implementing
this app!
– Yes, Billy, we
can use REST, but we would better use
SOAP. Trust me 'cause I know something
about developing HelloWorld
applications.
– But SOAP is
old-fashioned technology from the last
century and we can use better
one.
– Billy, are you ready
to spent 3 days for experimenting with
REST? We can do this with SOAP in 2
hours..
– Yes, I'm sure
that we'll spent even more time to
achieve the same security/performance/
/scalability/whatever else with SOAP.
I'm sure that HelloWorld applications
should be developed only with REST
from now.

Answer

REST should be used if it is very important for you to minimize the coupling between client and server components in a distributed application.

This may be the case if your server is going to be used by many different clients that you do not have control over. It may also be the case if you want to be able to update the server regularly without needing to update the client software.

I can assure you that achieving this low level of coupling is not easy to do. It is critical to follow all of the constraints of REST to succeed. Maintaining a purely stateless connection is difficult. Picking the right media-types and squeezing your data into the formats is tricky. Creating your own media types can be even harder.

Adapting rich server behaviour into the uniform HTTP interface can be confusing and at times appears pedantic in comparison to the relatively straightforward RPC approach.

Despite the difficulties, the benefits are that you have a service that a client developer should be able to easily understand due to the consistent use of the HTTP protocol. The service should be easily discoverable due to hypermedia and the client should be extremely resilient to changes on the server.

The benefits of hypermedia and the avoidance of session state makes load balancing simple and service partitioning feasible. The strict conformance to HTTP rules make the availability of tools like debuggers and caching proxies wonderful thing.

Update

It seems to me that REST is another 'last word of fashion' (or I can be totally wrong because I haven't ever seen REST in practice).

I think REST has become fashionable because people attempting to do SOA type projects have found that using the SOAP stack they are not realizing the benefits that were promised. People keep turning back to the web as an example of simple integration methodologies. Unfortunately, I think people underestimate the amount of planning and foresight that went into creating the web and they oversimplify what needs to be done to allow the kind of serendipitous reuse that does occur on the web.

You say that you have never seen REST in practice, but that cannot possibly be true if you ever use a web browser. The web browser is a REST client.

  • Why do you not need to do a browser update when someone changes some html on a web site?
  • Why can I add a complete new set of pages to a web site and the "client" can still access those new pages without an update?
  • Why do I not need to provide a "service-description-language" to the web browser to tell it when it goes to http://example.org/images/cat that the return type will be a jpeg image and when you go to http://example.org/description/cat the return type will be text/html?
  • Why can I use a web browser to visit sites that did not exist when the browser was released? How can the client know about these sites?

These may sound like inane questions, but if you know the answer, then you can start to see what REST is all about. Look at StackOverflow for more benefits of REST. When I am looking at a question, I can bookmark that page or send the url to a friend and he can see the same information. He doesn't have to navigate through the site to find that question.

StackOverflow uses a variety of OpenId services for authentication, gravatar.com for avatar images, google-analytics and Quantserve for analytical information. This kind of multi-company integration is the type of thing the SOAP world only dreams of. One of the best examples is the fact that the jQuery libraries that are used to drive the StackOverflow UI are retrieved from Google's Content Delivery Network. The fact that SO could direct the client (i.e. your web browser) to download code from a third-party site to improve performance is testament to the low coupling between web client and server.

These are examples of a REST architecture at work.

Now some web sites / applications do break the rules of REST and then the browser does not work as expected.

  • The infamous back button problem is caused by using server side session state.
  • Load balancing can become a pain when you have server side session state.
  • Flash applications often prevent the URL from specifically identifying a representation.
  • The other problem that breaks web browsers is poor conformance to media-type standards. We hear all of the time about how IE6 needs to be killed. The problem there is that standards were not properly followed, or were ignored for whatever reason.
  • The use of login sessions are the source of many security holes.

REST is everywhere. It is the part of the web that makes it work well. If you want to build distributed applications that can scale like the web, be resilient to change like the web and promote re-use as the web has done, then follow the same rules they did when building web browsers.