REST-201

Question 1

Which arch style does REST belongs to ?

Answer 1

Distributed Hypermedia Systems

Question 2

State the 6 REST Principles based on?

Answer 2

Stateless
Caching
Client-Server
Uniform Interface
Layered System
Code on Demand(Optional and unimp)

Question 3

Explain State-less?

Answer 3

The client should only know the state, the server should only care about the necessary details to give the respoinse

Question 4

Explain Cachecable?

Answer 4

The server must present the details to cached the data or not

Question 5

Explain Uniform Interface?

Answer 5

There are 4 uniform constraints

1. Identification Of Resources
2. Manipulation of Resources through representations.
3. Self Descriptive Messages
4. Hypermedia as the engine of application state

Question 6

Explain Layered System?

Answer 6

Abstraction of Resource providers
Now it mean a Server A to recieve the request, and server B to give the data to A, And server C to authorize & authnticate

Question 7

Why Resource Identifier in given importance?

Answer 7

The key abstraction is Resource, and each must be identifed by both the parties

Question 8

What is Resource Representaion?

Answer 8

The state of a resource at any moment.

Question 9

What is Media Type?

Answer 9

The data format of the resource

Question 10

What should be common in all RESTFul apis?

Answer 10

They should folow a common naming, return type , XML , JSON and the like

Question 11

Can a Resource may have sub collection?

Answer 11

Yes Like accounts/{accountId}/customers/{customerId}/

Question 12

Can we use - or _ to make URI

Answer 12

• is best because it improves readeability

Question 13

Should we use query naming convetions?

Answer 13

No, Better to use the Correct HTTP method

HTTP DELETE http://api.example.com/device-management/managed-devices/{id} //Delete device for given Id

Question 14

Which method is by default cached and which one not?

Answer 14

GET : Cached,
POST: Nope

Unless specifeid

Question 15

Say me the tags related to caching?

Answer 15

Expires: Fri, 20 May 2016 19:20:49 IST
Cache-Control: max-age=3532
Etag: The server associates this header to uniquly identify the resource
Last-Modified:

Question 16

Say Compression headers?

Answer 16

Accept-encoding: gzip,compress
Accept-encoding: *

and the like values

Question 17

What happens if the request is having a particuar value to Accept-encoding and server did not respond with the correct format data?

Answer 17

406 UnAcceptable

Question 18

While the server is ready to entertain the Accept-encoding type , what header it gives back in response ?

Answer 18

Content-Type: text/html

Content-Encoding: gzip

Question 19

If the content encoding can not be provided by the server?

Answer 19

then it says 415(Unsupported Media Type)

Question 20

What are the 2 content negotiation types?

Answer 20

Server-Driven

Agent-Driven (Most used)

Question 21

What is Serven & Agent Drive Negotiation?

Answer 21

Depends on best representation of the resource is best done

Question 22

WHAT IS THE diff b/w Accept-encoding & Content-Type?

Answer 22

Accept says what it want , Content-Type says what is actally is

Question 23

Is it possible to have multiple values in Accept and what is q in that header?

Answer 23

Yes Accept: application/json,application/xml;q=0.9

q says the preference order form 0to 1 , 1 is default

Question 24

What is HATEOS?

Answer 24

Hypermedia as the Engine of Application State

Question 25

What is idempotency?

Answer 25

Multiple request must be treated same as one request and should leave the resource beneath unchanged, no different outcomes

Question 26

List the Idemnpotent & Non-Idempotent methods?

Answer 26

Post : Non-Idempotent

GET

Question 27

Can I delete request show 404 ?

Answer 27

Yes the n-1 requests

Question 28

What is Least privelege?

Answer 28

Least Privilege: An entity should have least permission to perform a certain actions. Permissions must be added , removed or revoked as required

Question 29

What is Fail-Safe Defaults?

Answer 29

Fail-Safe Defaults: A user default access level to any resource must be denied

Question 30

What is Fail-Safe Defaults?

Answer 30

Fail-Safe Defaults: A user default access level to any resource must be denied

Question 31

What is Economy of Mechanism?

Answer 31

The design should be simple and componets must be simple put together

Question 32

What is Open Design?

Answer 32

The system design should be open and with no secret algos

Question 33

What is Separation Of Privilege?

Answer 33

Granting an entity should not be based on single condition, their should be some conditions

Question 34

What is Least Common Mechanism?

Answer 34

It deals with sharing state, if one Mechanism corrupts the state, the other mechanism can be corrupted

Question 35

What is Psychological Acceptability?

Answer 35

Security mechanism must be easily understood by user

Question 36

How do we add modules to Spring Boot?

Answer 36

We have to add the InitClass and the same init class must be annotated with the @corresponding annotation and also in pom as starter package

Question 37

How do we add a webMVC ?

Answer 37

add spring-boot-stater-web
Create a Config Class , do @EnableMvc
Extend the class with WebMvcConfigurerAdapter

Question 38

What are the Best Practises to Spring Security?

Answer 38

Keep it Simple, Use Https: Ussing SSL, you can send the random access token in the username , & get it validated on Basic Http Auth, Passwords must be hashed, Never exposed info on URL, Consider OAuth, Add Timestamp : It will save from replay attacks, Input Param validations