From MSDN magazine https://msdn.microsoft.com/en-us/magazine/dd315413.aspx and https://msdn.microsoft.com/en-us/magazine/dd942839.aspx
I understand that
When RESTful endpoints are asked for data using HTTP, the HTTP verb used is GET.
Using REST means that you can take advantage of HTTP caching and other features, like Conditional GET, that aid in scaling services. Many of these techniques can't be used with SOAP because SOAP uses POST only over HTTP.
From the Wikipedia page http://en.wikipedia.org/wiki/Representational_state_transfer
RESTful systems typically, but not always, communicate over the Hypertext Transfer Protocol with the same HTTP verbs (GET, POST, PUT, DELETE, etc.) used by web browsers to retrieve web pages and send data to remote servers.[
But will it be a violation of REST architecture to use HTTP POST to get data from a resource?
In other words, can a SOAP based webservice be RESTful?
Are there any other differences between RESTful and SOAP based webservice?
Best Answer
Introduction
I'm posting this as an answer because comments just don't suffice. Here is what I want to summarize for you.
First, we'll start with these two references:
http://spf13.com/post/soap-vs-rest
http://blog.smartbear.com/apis/understanding-soap-and-rest-basics/
Lastly, I want to start this post off by saying the following:
SOAP and REST were both designed to solve the following problem: how do two disparate applications, programmes or devices interchange and share data between each other, in an extensible and easily-understood manner?
RESTful Services
By design RESTful (Representational State Transfer) services use
HTTP
and theHTTP
verbs (GET
,POST
,PUT
,DELETE
) to indicate intent. These verbs very clearly indicate to the user what is going to happen when they are used. The server can use them to make preemptive decisions. That is, it can make a decision long before the action is ready to take place.Consider this, you have to access a small bit of data from a users Insert Service account. Which is easier, a
GET endpoint/users/account/id
request, or aPOST endpoint/users/account
request that has a body ofid
? By definition of REST, thePOST
request violates the basic agreement that REST implies. That is: the server is expected to know, before the data has arrived, what intentions with it the user has. This is the basic fundamental that REST attempts to guarantee.This fact, no, this fundamental, mandates that RESTful communication be permitted to indicate what intention the client has before the client begins to send data. This allows the server to accept and reject messages long before they arrive, thus reducing processing load.
Another aspect of REST (especially with the Twitter, Facebook and Google APIs): RESTful services, with the focus and mandate on
HTTP
, can take advantage ofHTTP
response headers. That is, they may respond with anHTTP 403 Forbidden
message if the client is not permitted access. SOAP-based services may not. The resulting message must indicate such a result.RESTful services tend to associate
HTTP verbs
(or actions) with nouns (or entities/objects.) Generally speaking, plurality and singularity imply more about the action. I.e.GET RootEndpoint/Employees
would be expected to return all employees (or at least a large group matching a specific criteria.) WhereasGET RootEndpoint/Employee/12
would be expected to return only one employee. (Generally, Employee with ID 12.)RESTful services make a direct correlation between the
HTTP verb
(GET
,POST
,PUT
,DELETE
) and the action. This is the purpose of the tie between the two: there is nothing special that needs added to the message body to indicate what the user intends to do. (I'll continue to stress this point throughout.)REST was designed entirely for
HTTP
. And it is very good at it's job.RESTful Filtering
Generally speaking, to filter
REST
service requests you would include multiple URL segments with each segment indicating what parameter follows it.I'll take an example from the Spotify API:
https://developer.spotify.com/web-api/get-playlist/
:In that API endpoint, you specify that you are looking for a
users
object withuser_id
of{user_id}
, and aplaylists
object (within thatusers
object) with theplaylist_id
of{playlist_id}
.Some RESTful services allow combination flags on parameters.
Take the Stack Exchange API, for example. You can fetch multiple questions or answers by separating them with semicolons, and it will essentially filter to just those questions or answers.
If we analyze this endpoint (/questions/{ids}/answers), you'll see that it specifies:
This is also a good example of an API that allows additional
GET
requests to filter/sort the results even further.Example of usage:
https://api.stackexchange.com/2.2/questions/30581530/answers?order=desc&sort=activity&site=stackoverflow
Now, if we do the same with the /answers/{ids} endpoint, we can come up with something along the lines of:
https://api.stackexchange.com/2.2/answers/30582379;30581997;30581789;30581628?order=desc&sort=activity&site=stackoverflow
. This pulls the four specified answers for us.We can combine even more, for example, with the SE API and include filters to restrict the fields returned:
https://api.stackexchange.com/2.2/questions/30581530/answers?order=desc&sort=activity&site=stackoverflow&filter=!)V)P2Uyugvm
. (See this link to /2.2/filters for an explanation of thatfilter
parameter.)SOAP-based Services
Enter SOAP (Simple Object Access Protocol), which was the predecessor to REST. SOAP solved this problem by sending messages back and forth. They use
XML
(though you could build a SOAP-based service without it, similarly to being able to build a RESTful service withoutJSON
) to exchange a message, whereby the server has no initial indication of what to do.SOAP-based services solve this issue in a manner that is agnostic of transport medium. The server and client need not use
HTTP
, or evenTCP
at all. They just need to use the same, or compatible transport mediums. In fact, you could think of the modern-day corporate environment as a SOAP-based service. When you need to get new supplies, you put in a requisition to your office manager, who then responds with a message. Upon receiving the initial requisition, your manager has no idea if it is permitted or not. They have to read the rest of the requisition in order to determine whether it is a valid request or if it is invalid.SOAP was designed around
RPCs
(Remote-Procedure Calls), many firewalls block these. So, as a result, SOAP was modified to work overHTTP
. It was designed to integrate vastly different technologies.Because SOAP is designed around messages, it is a much more verbose service. It is generally easier to represent compound actions in SOAP services. That is to say, if you are requesting
objects
based on many criteria (instead of just one) SOAP tends to have better interface for this.SOAP-based Filtering
SOAP-based services filter with additional fields in the RPC. How these fields are combined is up to the provider.
I'll take an example from the Global Weather API: http://www.webservicex.net/globalweather.asmx?op=GetWeather:
If you specify, for example, "Blanding" and "United States" you will see the generated XML looks like the following:
This would be submitted (for an HTTP SOAP request) as a POST-based call to
http://www.webservicex.net/globalweather.asmx/GetWeather
.Back to the original question:
Can a SOAP-based webservice be RESTful?
This was your original question, and I believe it stands to reason that it cannot, based on the information I have provided. These two services are mutually-exclusive. REST intends to solve the issue with the exchange of
headers
that indicate intent, andmessage bodies
that indicate purpose. SOAP intends to solve the issue with the exchange ofmessages
that indicate intent and purpose.Will it be a violation of REST architecture to use HTTP POST to get data from a resource? Yes. The RESTful service architecture is designed to use the term
POST
to represent a specific action. EachHTTP verb
in REST represents what that action intends to do.As I said in the comments on the initial question:
What do I choose, SOAP or REST?
This part exists primarily for future readers.
Both protocols have advantages and disadvantages, and you should choose which protocol you are using based on the requirements of the problem. Instructing you on how to accomplish that is beyond the scope of this question and answer. That said, there are three things to consider: know your project, know your requirements, and most of all, correctly document it for your audience.