REST-201 Flashcards

1
Q

Which architectural style does REST belong to?

A

Distributed Hypermedia Systems

2
Q

State the 6 principles REST is based on?

A
Stateless
Caching
Client-Server
Uniform Interface
Layered System
Code on Demand (Optional and unimp)
3
Q

Explain State-less?

A

The client should only know the state; the server should only care about the details necessary to give the response.

4
Q

Explain Cacheable?

A

The server must indicate whether the data can be cached or not.

5
Q

Explain Uniform Interface?

A

There are 4 uniform constraints

  1. Identification Of Resources
  2. Manipulation of Resources through representations.
  3. Self Descriptive Messages
  4. Hypermedia as the engine of application state
6
Q

Explain Layered System?

A

Abstraction of Resource providers
This means, for example, that server A receives the request, server B gives the data to A, and server C authorizes and authenticates.

7
Q

Why is the Resource Identifier given importance?

A

The key abstraction is the Resource, and each one must be identified by both parties.

8
Q

What is Resource Representation?

A

The state of a resource at any moment.

9
Q

What is Media Type?

A

The data format of the resource

10
Q

What should be common in all RESTful APIs?

A

They should follow common naming and return types: XML, JSON and the like.

11
Q

Can a resource have a sub-collection?

A

Yes, like accounts/{accountId}/customers/{customerId}/

12
Q

Can we use - or _ in a URI?

A
Hyphen (-) is best because it improves readability
13
Q

Should we use query naming conventions?

A

No, it is better to use the correct HTTP method

HTTP DELETE http://api.example.com/device-management/managed-devices/{id} //Delete device for given Id

14
Q

Which method is by default cached and which one not?

A

GET: Cached
POST: Not cached

Unless specified

15
Q

Name the headers related to caching?

A

Expires: Fri, 20 May 2016 19:20:49 IST
Cache-Control: max-age=3532
ETag: The server associates this header with the resource to uniquely identify it
Last-Modified:

16
Q

Name the compression headers?

A

Accept-Encoding: gzip, compress
Accept-Encoding: *

and similar values

17
Q

What happens if the request has a particular value for Accept-Encoding and the server does not respond with data in the correct format?

A

406 Not Acceptable

18
Q

When the server is ready to honor the Accept-Encoding type, which header does it give back in the response?

A

Content-Type: text/html

Content-Encoding: gzip

19
Q

What if the content encoding cannot be provided by the server?

A

Then it responds with 415 (Unsupported Media Type)

20
Q

What are the 2 content negotiation types?

A

Server-Driven

Agent-Driven (Most used)

21
Q

What is Server-Driven & Agent-Driven Negotiation?

A

It depends on how choosing the best representation of the resource is best done

22
Q

What is the difference between Accept-Encoding & Content-Type?

A

Accept says what it wants; Content-Type says what it actually is

23
Q

Is it possible to have multiple values in Accept and what is q in that header?

A

Yes, for example Accept: application/json,application/xml;q=0.9

q gives the order of preference from 0 to 1; 1 is the default

24
Q

What is HATEOAS?

A

Hypermedia as the Engine of Application State

25
What is idempotency?
Multiple requests must be treated the same as one request and should leave the underlying resource unchanged, with no different outcomes
26
List the Idempotent & Non-Idempotent methods?
POST: Non-Idempotent | GET
27
Can a DELETE request return 404?
Yes, the n-1 requests
28
What is Least Privilege?
Least Privilege: An entity should have the least permissions needed to perform a certain action. Permissions must be added, removed or revoked as required
29
What is Fail-Safe Defaults?
Fail-Safe Defaults: A user's default access level to any resource must be denied
31
What is Economy of Mechanism?
The design should be simple and the components must be simply put together
32
What is Open Design?
The system design should be open, with no secret algorithms
33
What is Separation Of Privilege?
Granting access to an entity should not be based on a single condition; there should be multiple conditions
34
What is Least Common Mechanism?
It deals with shared state: if one mechanism corrupts the state, the other mechanisms can be corrupted
35
What is Psychological Acceptability?
Security mechanisms must be easily understood by the user
36
How do we add modules to Spring Boot?
We have to add the init class, annotate that same init class with the corresponding annotation, and also add the starter package in the pom
37
How do we add Web MVC?
  1. Add spring-boot-starter-web
  2. Create a config class and annotate it with @EnableWebMvc
  3. Extend the class with WebMvcConfigurerAdapter
38
What are the best practices for Spring Security?
  1. Keep it simple
  2. Use HTTPS: using SSL, you can send the random access token in the username and get it validated with HTTP Basic Auth
  3. Passwords must be hashed
  4. Never expose information in the URL
  5. Consider OAuth
  6. Add a timestamp: it protects against replay attacks
  7. Validate input parameters