I am having confusion around http text 'post' in terms of webservice context. We are having a web service which is built on SOAP protocol, now the integration partner wants to eliminate the SOAP portion of the XML message and wants us to post XML message as 'http text post'.
Is this REST HTTP POST? Please clarify.
POST is an HTTP request method, of which there are many (ex. GET, PUT, DELETE, HEAD...). POST is used to submit data to a server for processing, whereas GET (for example) is used to retrieve data for reading. You can read more here. These methods are used for all HTTP communication, whether the target is a SOAP/REST web service or an Apache server hosting a regular website.
SOAP normally operates using POST requests, although it is possible to use GET with SOAP 1.2 as well. GET requests have more restrictive size limitations than POST requests.
Related
I'm building a web application that needs to process some information on a server. There is no database involved, the server (using Flask) just needs to receive some (complex) information, process it, and send back the result.
My question is which HTTP method is most suitable here (if any). When I read about HTTP methods, they are usually explained in terms of a REST api, where a GET request is used to retrieve data from the server and a POST request is used to create new data on the server. In my case however, I don't need to store any information on the server. A GET request doesn't seem suitable here, as the information sent to the server is rather complex, and can't be easily encoded in the URL. I think a POST request should work here, as I can send the data in JSON format, but the specifications say POST should be used when you want to create something on the server, and a response should only contain a success message and/or location.
Am I missing something here? Should I use something different like WebSocket, or is a POST request fine here, although it doesn't abide by the REST principles?
Thanks in advance.
the specifications say POST should be used when you want to create something on the server
No, they don't. A lot of people say that, but the specification is not so restrictive.
The POST method requests that the target resource process the representation enclosed in the request according to the resource's own specific semantics
Here's how Roy Fielding explained it in 2009:
POST serves many useful purposes in HTTP, including the general purpose of “this action isn’t worth standardizing.”
Yes, POST isn't ideal - the semantics of POST are neither safe nor idempotent, and your particular case would benefit from communicating those properties to general purpose components.
But it is good enough, until the work is done to standardize the semantics of a new method token that better handles this case.
We use POST method to send data to the server. What the server does with the data is encoded in the server logic.
As a client if you want to just send data to server use POST.
I am working with this third party service provider where i have to fetch / filter some data from them. The search filter parameters are complex in nature and contains too many filter params. I have tried to use querystring values and with querystring, i find it more difficult to send data since the data i have to send may contain an array of objects.
With JSON request body even with HTTP GET request, I find it extremely easy to process the request and did the testing using Insomnia REST client with ease. However POSTman REST client doesn't allow to send body parameters with GET request.
I have seen others using POST request to fetch / filter data from the api for the same purpose. POST HTTP request can be used to fetch data, but is it good from the technical standpoint? Is it recommended practice to send JSON request body values with GET request?
Not sure how much control you might have on the protocol or you have any middleware, but an HTTP GET usually doesn't have a body, I've even seen smart firewalls and hosting services strip any body by default. If you want to stay "close" to clean REST, you might consider adding a "/query" to your resource path and do a POST to that endpoint; it's a bit "RPC-ish" but not too bad. Another option would be to have a completely independent query service that could be using another protocol such as JSON-RPC.
I would like what happen when an web service receive part of data by SOAP header. What's the diference between receive data by SOAP header and SOAP body (Before the web service receive all of data by SOAP body)
I don't understand at all what are benefits of this new version.
PD: My web service is based on Java with JAX-WS
Thanks a lot.
Same as any request SOAP has header and body. generally SOAP has all data in body.
Body is highly documented so you can not send additional data in SOAP body.
If you are doing It may break the other end code(Implementation in different for different technologies).
SO if you want to send additional data in SOAP without effecting the WSDL you can use SOAP header.
Headers are like to send additional information.
these header and values can be accessed from message context.
to access these value code may vary from technology to technology
Do both SOAP and REST refer back to the WSDL? I'm having trouble distinguishing between SOAP and REST.
No, only SOAP does.
Essentially SOAP is a protocol with the client and server making agreements as to the kinds of data types transmitted and what actions should be taken by the server for a request. This agreement is specified in the WSDL file.
With REST, there is no agreement as the point of REST is to talk to a resource using only GET, POST, PUT, and DELETE. Nothing about the underlying implementation as specified by a WSDL file should be known to a REST client.
Is it ok to redirect from REST service (with HTTP 307 code) to web page on another server. F.e. I want to redirect user to wikipedia.com page from rest service. Does it violate http or rest protocols?
It depends on how you consume your REST service (eg. AJAX, Mobile / Desktop Client, Server-side Application). Your question does not violate the RFC2616 but I am not really sure how this will be useful unless your service is accessed via Browsers directly.
However, I would not recommend to redirect via 307 rather than 303 (307 means the user should repeat the same request to the new URL specified in the Location header field (so if the last request was POST, the request to the new URL will also be POST) and not all clients might support that status. See RFC2616 definition of 307.
Can you provide more information of how you are planning to use this?
Edit: Changed to 303 See other as this is more appropriate here.