Rest

Question 1

What is REST Web Services?

Answer 1

REST is the acronym for REpresentational State Transfer. REST is an architectural style for developing applications that can be accessed over the network.

REST is a stateless client-server architecture where web services are resources and can be identified by their URIs. Client applications can use HTTP GET/POST methods to invoke Restful web services. REST doesn’t specify any specific protocol to use, but in almost all cases it’s used over HTTP/HTTPS. When compared to SOAP web services, these are lightweight and doesn’t follow any standard. We can use XML, JSON, text or any other type of data for request and response.

Question 2

Explain the architectural style for creating web api?

Answer 2

The architectural style for creating web api are
•HTTP for client server communication
•XML/JSON as formatting language
•Simple URI as the address for the services
•Stateless communication

Question 3

What are the HTTP methods supported by REST?

Answer 3

• GET
• POST
• PUT
• DELETE
• OPTIONS
• HEAD

Question 4

What are resources in a REST architecture?

Answer 4

Resources are identified by logical URLs; it is the key element of a RESTful design. Unlike SOAP web services, in REST you view the product data as a resource and this resource should contain all the required information.

Question 5

Mention some key characteristics of REST?

Answer 5

• REST is stateless, so there is no storage of session data on the client
• With a well applied REST API, the server could be restarted between two calls as every data is passed to the server
• Web service mostly uses POST method to make operations, whereas REST uses GET to access resource

Question 6

Explain how JAXB related to RESTful web api?

Answer 6

JAXB stands for Java API for Xml Binding. This framework is used to bind XML or JSON to Java objects without the need for creating XML or JSON parsers.

Question 7

What is the difference between PUT and POST?

Answer 7

“PUT” puts a file or resource at a particular URI and exactly at that URI. If there is already a file or resource at that URI, PUT changes that file or resource. If there are no resource or file there, PUT makes one POST sends data to a particular URI and expects the resource at that URI to deal with the request. The web server at this point can decide what to do with the data in the context of specified resource “

Question 8

Which markup language can be used in RESTful API?

Answer 8

JSON and XML are the two markup language that can be used in Restful web api

Question 9

List out the tools or API for developing or testing web api?

Answer 9

Testing tools for web services for REST APIs includes •Spring REST 
•Jersey (Oracle) 
•CXF (Apache) 
•Restlet 
•REST Easy (JBOSS)

Question 10

Which protocol is used by RESTful webservices?

Answer 10

RESTful web services make use of HTTP protocol as a medium of communication between client and server.

Question 11

What is messaging in RESTful webservices?

Answer 11

A client sends a message in form of a HTTP Request and server responds in form of a HTTP Response. This technique is termed as Messaging. These messages contain message data and metadata i.e. information about message itself.

Question 12

What are the core components of a HTTP Request?

Answer 12

A HTTP Request has five major parts
Verb − Indicate HTTP methods such as GET, POST, DELETE, PUT etc.

URI − Uniform Resource Identifier (URI) to identify the resource on server.

HTTP Version − Indicate HTTP version, for example HTTP v1.1 .

Request Header − Contains metadata for the HTTP Request message as key-value pairs. For example, client ( or browser) type, format supported by client, format of message body, cache settings etc.

Request Body − Message content or Resource representation.

Question 13

What are the core components of a HTTP response?

Answer 13

A HTTP Response has four major parts − Status/Response Code − Indicate Server status for the requested resource. For example 404 means resource not found and 200 means response is ok.

HTTP Version − Indicate HTTP version, for example HTTP v1.1 .

Response Header − Contains metadata for the HTTP Response message as key-value pairs. For example, content length, content type, response date, server type etc.

Response Body − Response message content or Resource representation.

Question 14

What is URI?

Answer 14

URI stands for Uniform Resource Identifier. Each resource in REST architecture is identified by its URI. Purpose of an URI is to locate a resource(s) on the server hosting the web service. A URI is of following format −
protocol://

Question 15

What is statelessness in RESTful Webservices?

Answer 15

As per REST architecture, a RESTful web service should not keep a client state on server. This restriction is called statelessness. It is responsibility of the client to pass its context to server and then server can store this context to process client’s further request. For example, session maintained by server is identified by session identifier passed by the client.

Question 16

What is the purpose of HTTP Status Code?

Answer 16

HTTP Status code are standard codes and refers to predefined status of task done at server. For example, HTTP Status 404 states that requested resource is not present on server.

Question 17

What HTTP Status Code 200 states?

Answer 17

It means, OK, shows success.

Question 18

What HTTP Status Code 201 states?

Answer 18

It means, CREATED, when a resource is successful created using POST or PUT request. Return link to newly created resource using location header.

Question 19

What HTTP Status Code 204 states?

Answer 19

It means, NO CONTENT, when response body is empty for example, a DELETE request.

Question 20

What HTTP Status Code 400 states?

Answer 20

It means, BAD REQUEST, states that invalid input is provided e.g. validation error, missing data.

Question 21

What HTTP Status Code 403 states?

Answer 21

It means, FORBIDDEN, states that user is not having access to method being used for example, delete access without admin rights.

Question 22

What HTTP Status Code 404 states?

Answer 22

It means, NOT FOUND, states that method is not available.

Question 23

What HTTP Status Code 500 states?

Answer 23

It means, INTERNAL SERVER ERROR, states that server has thrown some exception while executing the method.

Question 24

What are the best practices to be followed while designing a secure RESTful web service?

Answer 24

As RESTful web services work with HTTP URLs Paths so it is very important to safeguard a RESTful web service in the same manner as a website is be secured. Following are the best practices to be followed while designing a RESTful web service

Validation − Validate all inputs on the server. Protect your server against SQL or NoSQL injection attacks.

Session based authentication − Use session based authentication to authenticate a user whenever a request is made to a Web Service method.

No sensitive data in URL − Never use username, password or session token in URL , these values should be passed to Web Service via POST method.

Restriction on Method execution − Allow restricted use of methods like GET, POST, DELETE. GET method should not be able to delete data.

Validate Malformed XML/JSON − Check for well formed input passed to a web service method.

Throw generic Error Messages − A web service method should use HTTP error messages like 403 to show access forbidden etc.

Question 25

What is RESTful Web Services?

Answer 25

RESTFUL is referred for web services written by applying REST architectural concept are called RESTful services, it focuses on system resources and how state of resource should be transported over HTTP protocol to a different clients written in different language.

Question 26

What are RESTFUL web service used to perform CRUD?

Answer 26

In RESTFUL web service http methods like GET, POST, PUT and DELETE can be used to perform CRUD operations.

Question 27

What is URI?

Answer 27

Uniform Resource Identifier

Question 28

What does a URI do?

Answer 28

URI is a string of characters used to identify a resource. Such identification enables interaction with representations of the resource over a network, typically the World Wide Web, using specific protocols. Schemes specifying a concrete syntax and associated protocols define each URI. The most common form of URI is the Uniform Resource Locator (URL), frequently referred to informally as a web address.

Question 29

What is Stateless Communication?

Answer 29

A stateless protocol is a communications protocol that treats each request as an independent transaction that is unrelated to any previous request so that the communication consists of independent pairs of request and response. A stateless protocol does not require the server to retain session information or status about each communications partner for the duration of multiple requests. In contrast, a protocol that requires keeping of the internal state on the server is known as a stateful protocol.

Question 30

What is HTTP Get?

Answer 30

GET: It requests a resource at the request URL. It should not contain a request body as it will be discarded. May be it can be cached locally or on the server.

Question 31

What is HTTP Post?

Answer 31

POST: It submits information to the service for processing; it should typically return the modified or new resource

Question 32

What is HTTP Put?

Answer 32

PUT: At the request URL it update the resource

Question 33

What is HTTP Delete?

Answer 33

DELETE: At the request URL it removes the resource

Question 34

What is HTTP Option?

Answer 34

OPTIONS: It indicates which techniques are supported

Question 35

What is HTTP Head?

Answer 35

HEAD: About the request URL it returns meta information

Question 36

What are advantages of REST web services?

Answer 36

Some of the advantages of REST web services are:

Learning curve is easy since it works on HTTP protocol

Supports multiple technologies for data transfer such as text, xml, json, image etc.

No contract defined between server and client, so loosely coupled implementation.

REST is a lightweight protocol

REST methods can be tested easily over browser.

Question 37

What are disadvantages of REST web services?

Answer 37

Some of the disadvantages of REST are:

Since there is no contract defined between service and client, it has to be communicated through other means such as documentation or emails.

Since it works on HTTP, there can’t be asynchronous calls.

Sessions can’t be maintained.

Question 38

What is a Resource in Restful web services?

Answer 38

Resource is the fundamental concept of Restful architecture. A resource is an object with a type, relationship with other resources and methods that operate on it. Resources are identified with their URI, HTTP methods they support and request/response data type and format of data.

Question 39

What is the use of Accept and Content-Type Headers in HTTP Request?

Answer 39

These are important headers in Restful web services. Accept headers tells web service what kind of response client is accepting, so if a web service is capable of sending response in XML and JSON format and client sends Accept header as “application/xml” then XML response will be sent. For Accept header “application/json”, server will send the JSON response.

Content-Type header is used to tell server what is the format of data being sent in the request. If Content-Type header is “application/xml” then server will try to parse it as XML data. This header is useful in HTTP Post and Put requests.

Question 40

What is JAX-RS API?

Answer 40

Java API for RESTful Web Services (JAX-RS) is the Java API for creating REST web services. JAX-RS uses annotations to simplify the development and deployment of web services. JAX-RS is part of JDK, so you don’t need to include anything to use it’s annotations.

Question 41

Name some implementations of JAX-RS API?

Answer 41

Jersey: Jersey is the reference implementation provided by Sun. For using Jersey as our JAX-RS implementation, all we need to configure its servlet in web.xml and add required dependencies. Note that JAX-RS API is part of JDK not Jersey, so we have to add its dependency jars in our application.

RESTEasy: RESTEasy is the JBoss project that provides JAX-RS implementation.

Question 42

Name important annotations used in JAX-RS API?

Answer 42

@Path: used to specify the relative path of class and methods. We can get the URI of a webservice by scanning the Path annotation value.

@GET, @PUT, @POST, @DELETE and @HEAD: used to specify the HTTP request type for a method.

@Produces, @Consumes: used to specify the request and response types.

@PathParam: used to bind the method parameter to path value by parsing it.