366 CHAPTER 8 Websites and services
You can implement security by using HTTPS protocol to encrypt the communications and
basic authentication to require a user name and password to access resources.
The biggest benefits of using REST are that it is easy to connect to; it is lightweight and
thin, so it doesn’t consume many resources; and it is fast. In addition, REST does not need to
use verbose XML when sending and receiving data. Many developers prefer to send data to
the server as name=value pairs that are URI encoded (same as sending form data through
POST or GET). When receiving data from the server, developers typically like to use JSON
(JavaScript Object Notation) due to its compact size.
One of the biggest drawbacks to using REST is that some browsers support only GET
and POST methods, whereas many firewalls allow passage of only GET and POST methods.
Because of this problem, many developers create APIs that are similar to REST (are RESTful)
when compatibility is maintained with browsers and firewalls and only GET and POST are
used.Understanding arbitrary web services
Arbitrary web services are also known as big web services. Arbitrary web services such as
Windows Communication Foundation (WCF) don’t attempt to map aspects of the proto-
col to operations because the exposed operations might be more arbitrary than providing
simple REST operations. Arbitrary web services are more focused on the ability to offer more
functionality such as message routing and various means of security that can provide partial
message encryption and various forms of authentication.
Arbitrary web services typically have an interface format that enables the client to read
and parse the information. This information enables the client to make calls to the web
service immediately. One of the more common API formats is Web Services Description
Language (WSDL), by which a WSDL document that fully describes the exposed operations
can be retrieved from the web service.
Arbitrary web services require the client to assemble a request, or message, by using a
specially formatted XML message called a Simple Object Access Protocol (SOAP) message.
The web service is not required to communicate over HTTP protocol, and it’s quite common
to use HTTP protocol or for the web service to strip away the HTTP protocol layer and just use
TCP protocol for better performance.Creating a RESTful web service by using Node.js
The following describes creating a RESTful web service by using Node.js to expose the
math_example package that was created in Lesson 1 as a RESTful service. In this example,
GET, POST, PUT, and DELETE demonstrate that they can be used. In a real application, math
operations would typically use the GET method on a Math entity, and the operation would be
passed as a data parameter. For example, the following would be a more appropriate RESTful
implementation of performing addition of two numbers.
http://localhost:8080/Math?operation=addition&x=10&y=45