2013-11-09 23:11:49 8 Comments
I have read articles about the differences between SOAP and REST as a web service communication protocol, but I think that the biggest advantages for REST over SOAP are:
REST is more dynamic, no need to create and update UDDI(Universal Description, Discovery, and Integration).
REST is not restricted to only XML format. RESTful web services can send plain text/JSON/XML.
But SOAP is more standardized (E.g.: security).
So, am I correct in these points?
Related Questions
Sponsored Content
17 Answered Questions
23 Answered Questions
[SOLVED] How do I POST JSON data with Curl from a terminal/commandline to Test Spring REST?
- 2011-08-24 08:51:11
- kamaci
- 2638237 View
- 2609 Score
- 23 Answer
- Tags: json rest spring-mvc curl http-headers
34 Answered Questions
9 Answered Questions
[SOLVED] How to pass "Null" (a real surname!) to a SOAP web service in ActionScript 3
- 2010-12-16 00:42:14
- bill
- 915387 View
- 4605 Score
- 9 Answer
- Tags: apache-flex actionscript soap coldfusion wsdl
31 Answered Questions
32 Answered Questions
[SOLVED] What exactly is RESTful programming?
- 2009-03-22 14:45:39
- hasen
- 1636210 View
- 3921 Score
- 32 Answer
- Tags: http rest definition
10 comments
@Jose Manuel Gomez Alvarez 2018-05-23 15:41:13
Among many others already covered in the many answers, I would highlight that SOAP enables to define a contract, the WSDL, which define the operations supported, complex types, etc. SOAP is oriented to operations, but REST is oriented at resources. Personally I would select SOAP for complex interfaces between internal enterprise applications, and REST for public, simpler, stateless interfaces with the outside world.
@Premraj 2015-12-08 23:38:04
REST(REpresentational State Transfer)
REpresentational State of an Object is Transferred is REST i.e. we don't send Object, we send state of Object. REST is an architectural style. It doesn’t define so many standards like SOAP. REST is for exposing Public APIs(i.e. Facebook API, Google Maps API) over the internet to handle CRUD operations on data. REST is focused on accessing named resources through a single consistent interface.
SOAP(Simple Object Access Protocol)
SOAP brings its own protocol and focuses on exposing pieces of application logic (not data) as services. SOAP exposes operations. SOAP is focused on accessing named operations, each operation implement some business logic. Though SOAP is commonly referred to as web services this is misnomer. SOAP has a very little if anything to do with the Web. REST provides true Web services based on URIs and HTTP.
Why REST?
application/xml
orapplication/json
for POST and/user/1234.json
or GET/user/1234.xml
for GET.Why SOAP?
source1
source2
@Santiago Martí Olbrich 2016-02-27 20:30:57
REST verbs/methods don't have a 1 to 1 relation to CRUD methods although, it can help in the beginning to understand the REST style.
@Mou 2016-11-07 14:33:43
REST does not support SSL ? the uniform resource url for rest can not be start with https:// ?
@blue_note 2018-08-15 18:19:17
There are already technical answers, so I'll try to provide some intuition.
Let's say you want to call a function in a remote computer, implemented in some other programming language (this is often called remote procedure call/RPC). Assume that function can be found at a specific URL, provided by the person who wrote it. You have to (somehow) send it a message, and get some response. So, there are two main questions to consider.
For the first question, the official definition is WSDL. This is an XML file which describes, in detailed and strict format, what are the parameters, what are their types, names, default values, the name of the function to be called, etc. An example WSDL here shows that the file is human-readable (but not easily).
For the second question, there are various answers. However, the only one used in practice is SOAP. Its main idea is: wrap the previous XML (the actual message) into yet another XML (containing encoding info and other helpful stuff), and send it over HTTP. The POST method of the HTTP is used to send the message, since there is always a body.
The main idea of this whole approach is that you map a URL to a function, that is, to an action. So, if you have a list of customers in some server, and you want to view/update/delete one, you must have 3 URLS:
myapp/read-customer
and in the body of the message, pass the id of the customer to be read.myapp/update-customer
and in the body, pass the id of the customer, as well as the new datamyapp/delete-customer
and the id in the bodyThe REST approach sees things differently. A URL should not represent an action, but a thing (called resource in the REST lingo). Since the HTTP protocol (which we are already using) supports verbs, use those verbs to specify what actions to perform on the thing.
So, with the REST approach, customer number 12 would be found on URL
myapp/customers/12
. To view the customer data, you hit the URL with a GET request. To delete it, the same URL, with a DELETE verb. To update it, again, the same URL with a POST verb, and the new content in the request body.For more details about the requirements that a service has to fulfil to be considered truly RESTful, see the Richardson maturity model. The article gives examples, and, more importantly, explains why a (so-called) SOAP service, is a level-0 REST service (although, level-0 means low compliance to this model, it's not offensive, and it is still useful in many cases).
@Ashish Kamble 2019-09-17 10:41:56
What do you mean
REST
is not web service?? WhatsJAX-RS
then??@blue_note 2019-09-17 10:46:25
@AshishKamble: I provided the link of the rest services specification. The official definition contains only the WS-* protocols (roughly the ones we call "SOAP") and rest is not part of it officially
@blue_note 2019-09-17 10:47:01
@AshishKamble: Also, note that there's also a JAX-WS, which means "web services", differentiated from "rest services". Anyway, the distinction is not important for any practical purposes, as I also noted.
@Bacteria 2015-06-14 19:48:27
SOAP (Simple Object Access Protocol) and REST (Representation State Transfer) both are beautiful in their way. So I am not comparing them. Instead, I am trying to depict the picture, when I preferred to use REST and when SOAP.
What is payload?
Now, for example, I have to send a Telegram and we all know that the cost of the telegram will depend on some words.
So tell me among below mentioned these two messages, which one is cheaper to send?
or
I know your answer will be the second one although both representing the same message second one is cheaper regarding cost.
So I am trying to say that, sending data over the network in JSON format is cheaper than sending it in XML format regarding payload.
Here is the first benefit or advantages of REST over SOAP. SOAP only support XML, but REST supports different format like text, JSON, XML, etc. And we already know, if we use Json then definitely we will be in better place regarding payload.
Now, SOAP supports the only XML, but it also has its advantages.
Really! How?
SOAP relies on XML in three ways Envelope – that defines what is in the message and how to process it.
A set of encoding rules for data types, and finally the layout of the procedure calls and responses gathered.
This envelope is sent via a transport (HTTP/HTTPS), and an RPC (Remote Procedure Call) is executed, and the envelope is returned with information in an XML formatted document.
The important point is that one of the advantages of SOAP is the use of the “generic” transport but REST uses HTTP/HTTPS. SOAP can use almost any transport to send the request but REST cannot. So here we got an advantage of using SOAP.
As I already mentioned in above paragraph “REST uses HTTP/HTTPS”, so go a bit deeper on these words.
When we are talking about REST over HTTP, all security measures applied HTTP are inherited, and this is known as transport level security and it secures messages only while it is inside the wire but once you delivered it on the other side you don’t know how many stages it will have to go through before reaching the real point where the data will be processed. And of course, all those stages could use something different than HTTP.So Rest is not safer completely, right?
But SOAP supports SSL just like REST additionally it also supports WS-Security which adds some enterprise security features. WS-Security offers protection from the creation of the message to it’s consumption. So for transport level security whatever loophole we found that can be prevented using WS-Security.
Apart from that, as REST is limited by it's HTTP protocol so it’s transaction support is neither ACID compliant nor can provide two-phase commit across distributed transnational resources.
But SOAP has comprehensive support for both ACID based transaction management for short-lived transactions and compensation based transaction management for long-running transactions. It also supports two-phase commit across distributed resources.
I am not drawing any conclusion, but I will prefer SOAP-based web service while security, transaction, etc. are the main concerns.
Here is the "The Java EE 6 Tutorial" where they have said A RESTful design may be appropriate when the following conditions are met. Have a look.
Hope you enjoyed reading my answer.
@Bhargav Nanekalva 2015-08-23 03:35:35
Great answer but remember REST can use any transport protocol. For example, it can use FTP.
@Osama Aftab 2015-09-07 12:45:34
Who said REST can't use SSL?
@Bacteria 2015-09-07 16:01:23
@ Osama Aftab REST supports SSL, but SOAP supports SSL just like REST additionally it also supports WS-Security.
@GaTechThomas 2016-11-08 18:59:01
To reference the point about size of XML data, when compression is enabled, XML is quite small.
@ThomasRS 2017-04-20 21:51:41
The point about the size of the payload should be deleted, it is such a one-dimensional comparison between JSON and XML and is only possible to detect in seriously optimized setups, which are far between.
@Phil Sturgeon 2018-01-05 00:17:44
A lot of these answers entirely forgot to mention hypermedia controls (HATEOAS) which is completely fundamental to REST. A few others touched on it, but didn't really explain it so well.
This article should explain the difference between the concepts, without getting into the weeds on specific SOAP features.
@cmd 2013-11-09 23:19:50
REST
vsSOAP
is not the right question to ask.REST
, unlikeSOAP
is not a protocol.REST
is an architectural style and a design for network-based software architectures.REST
concepts are referred to as resources. A representation of a resource must be stateless. It is represented via some media type. Some examples of media types includeXML
,JSON
, andRDF
. Resources are manipulated by components. Components request and manipulate resources via a standard uniform interface. In the case of HTTP, this interface consists of standard HTTP ops e.g.GET
,PUT
,POST
,DELETE
.@Abdulaziz's question does illuminate the fact that
REST
andHTTP
are often used in tandem. This is primarily due to the simplicity of HTTP and its very natural mapping to RESTful principles.Fundamental REST Principles
Client-Server Communication
Client-server architectures have a very distinct separation of concerns. All applications built in the RESTful style must also be client-server in principle.
Stateless
Each client request to the server requires that its state be fully represented. The server must be able to completely understand the client request without using any server context or server session state. It follows that all state must be kept on the client.
Cacheable
Cache constraints may be used, thus enabling response data to be marked as cacheable or not-cacheable. Any data marked as cacheable may be reused as the response to the same subsequent request.
Uniform Interface
All components must interact through a single uniform interface. Because all component interaction occurs via this interface, interaction with different services is very simple. The interface is the same! This also means that implementation changes can be made in isolation. Such changes, will not affect fundamental component interaction because the uniform interface is always unchanged. One disadvantage is that you are stuck with the interface. If an optimization could be provided to a specific service by changing the interface, you are out of luck as REST prohibits this. On the bright side, however, REST is optimized for the web, hence incredible popularity of REST over HTTP!
The above concepts represent defining characteristics of REST and differentiate the REST architecture from other architectures like web services. It is useful to note that a REST service is a web service, but a web service is not necessarily a REST service.
See this blog post on REST Design Principles for more details on REST and the above stated bullets.
EDIT: update content based on comments
@Pedro Werneck 2013-11-10 00:51:41
REST does not have a predefined set of operations that are CRUD operations. Mapping HTTP methods to CRUD operations blindly is one of the most common misconceptions around REST. The HTTP methods have very well defined behaviors that have nothing to do with CRUD, and REST isn't coupled to HTTP. You can have a REST API over ftp with nothing but RETR and STOR, for instance.
@Pedro Werneck 2013-11-10 00:53:23
Also, what do you mean by 'REST services are idempotent'? As far as I know, you have some HTTP methods that by default are idempotent, and if a particular operation in your service needs idempotence, you should use them, but it doesn't make sense to say the service is idempotent. The service may have resources with actions that may be effected in an idempotent or non-idempotent fashion.
@Bruce_Wayne 2015-04-16 18:25:43
@cmd :please remove fourth point - "A RESTful architecture may use HTTP or SOAP as the underlying communication protocol". its a misinformation you are conveying.
@Pedro Werneck 2013-11-10 00:45:24
Unfortunately, there are a lot of misinformation and misconceptions around REST. Not only your question and the answer by @cmd reflect those, but most of the questions and answers related to the subject on Stack Overflow.
SOAP and REST can't be compared directly, since the first is a protocol (or at least tries to be) and the second is an architectural style. This is probably one of the sources of confusion around it, since people tend to call REST any HTTP API that isn't SOAP.
Pushing things a little and trying to establish a comparison, the main difference between SOAP and REST is the degree of coupling between client and server implementations. A SOAP client works like a custom desktop application, tightly coupled to the server. There's a rigid contract between client and server, and everything is expected to break if either side changes anything. You need constant updates following any change, but it's easier to ascertain if the contract is being followed.
A REST client is more like a browser. It's a generic client that knows how to use a protocol and standardized methods, and an application has to fit inside that. You don't violate the protocol standards by creating extra methods, you leverage on the standard methods and create the actions with them on your media type. If done right, there's less coupling, and changes can be dealt with more gracefully. A client is supposed to enter a REST service with zero knowledge of the API, except for the entry point and the media type. In SOAP, the client needs previous knowledge on everything it will be using, or it won't even begin the interaction. Additionally, a REST client can be extended by code-on-demand supplied by the server itself, the classical example being JavaScript code used to drive the interaction with another service on the client-side.
I think these are the crucial points to understand what REST is about, and how it differs from SOAP:
REST is protocol independent. It's not coupled to HTTP. Pretty much like you can follow an ftp link on a website, a REST application can use any protocol for which there is a standardized URI scheme.
REST is not a mapping of CRUD to HTTP methods. Read this answer for a detailed explanation on that.
REST is as standardized as the parts you're using. Security and authentication in HTTP are standardized, so that's what you use when doing REST over HTTP.
REST is not REST without hypermedia and HATEOAS. This means that a client only knows the entry point URI and the resources are supposed to return links the client should follow. Those fancy documentation generators that give URI patterns for everything you can do in a REST API miss the point completely. They are not only documenting something that's supposed to be following the standard, but when you do that, you're coupling the client to one particular moment in the evolution of the API, and any changes on the API have to be documented and applied, or it will break.
REST is the architectural style of the web itself. When you enter Stack Overflow, you know what a User, a Question and an Answer are, you know the media types, and the website provides you with the links to them. A REST API has to do the same. If we designed the web the way people think REST should be done, instead of having a home page with links to Questions and Answers, we'd have a static documentation explaining that in order to view a question, you have to take the URI
stackoverflow.com/questions/<id>
, replace id with the Question.id and paste that on your browser. That's nonsense, but that's what many people think REST is.This last point can't be emphasized enough. If your clients are building URIs from templates in documentation and not getting links in the resource representations, that's not REST. Roy Fielding, the author of REST, made it clear on this blog post: REST APIs must be hypertext-driven.
With the above in mind, you'll realize that while REST might not be restricted to XML, to do it correctly with any other format you'll have to design and standardize some format for your links. Hyperlinks are standard in XML, but not in JSON. There are draft standards for JSON, like HAL.
Finally, REST isn't for everyone, and a proof of that is how most people solve their problems very well with the HTTP APIs they mistakenly called REST and never venture beyond that. REST is hard to do sometimes, especially in the beginning, but it pays over time with easier evolution on the server side, and client's resilience to changes. If you need something done quickly and easily, don't bother about getting REST right. It's probably not what you're looking for. If you need something that will have to stay online for years or even decades, then REST is for you.
@Falco 2014-06-02 11:23:52
Really nice answer :D But I have one question regarding your comparision to the SO-Homepage. How would you implement a Search-Feature in REST? On a homepage you have a search field and the search-word is usually templated into the GET-Part of the URL, or submitted via POST - which is actually templating a user generated string into an URL ?
@Pedro Werneck 2014-06-02 14:40:35
Either one is fine. The issue is how the users get the URLs, not how they use them. They should get the search url from a link in some other document, not from documentation. The documentation may explain how to use the search resource.
@Falco 2014-06-02 15:02:43
So a link with a placeholder in place of the searchterm is fine? Because the searchterm is an input from the user?
@Bhavesh Agarwal 2014-12-04 04:05:16
"people tend to call REST any HTTP API that isn't SOAP". Can you please elaborate this point by giving an example of an API over HTTP, which is not SOAP and not REST either?
@Pedro Werneck 2014-12-04 15:27:48
@BhaveshAgarwal almost every so-called "REST" API you can find around the internet is an example. The StackExchange API itself is an example.
@Pedro Werneck 2015-01-21 16:41:13
@CristiPotlog I never said SOAP is dependent on any particular protocol, I merely emphasize how REST isn't. The second link you sent says REST requires HTTP, which is wrong.
@Orestis 2016-08-11 16:14:30
Lets repeat that once more: HATEOAS is a constraint if you wanna call your API Restful!
@Shadrack B. Orina 2016-08-28 06:14:48
Say I have a soap client and a REST server, can the SOAP client post to the REST server.
@Oleg Sapishchuk 2017-02-27 20:39:46
@PedroWerneck I've read your linked response for "REST is not mapping CRUD to HTTP methods." But I didn't found there any explanations why REST is not mapping CRUD to HTTP methods, only that person who created question, not properly used HTTP method, for his activity. Can you share more information on this topic, please.
@Pedro Werneck 2017-02-27 21:37:48
@OlegSapishchuk HTTP methods have specific semantics, very distinct from CRUD operations.
@Sachin Kainth 2017-03-14 12:20:50
Pedro, I had the exact same query as @OlegSapishchuk. As far as I understand CRUD methods do map quite nicely to HTTP methods. Can you elaborate on this please?
@Pedro Werneck 2017-03-14 20:43:43
@SachinKainth There's an answer for that here. You can map CRUD ops to HTTP methods, but that's not REST, because it's not the intended semantics of those methods as documented in the RFCs.
@Oleg Sapishchuk 2017-03-15 13:18:21
@PedroWerneck the biggest joke here is the fact Google, Twitter and other top companies calling some of their services REST API, while they are not REST, as HATEOS principle was not followed up O_o.
@Hoàng Đăng 2017-05-31 04:25:08
@PedroWerneck as you said "stackoverflow.com/questions/<id>" replace id with the Question.idm that is not REST because it return the whole site, so RESTful only return data in format (json, xml..)
@Pedro Werneck 2017-05-31 23:06:48
@HoàngĐăng Not at all. There's no REST constraint for that. You should return whatever format the client asked in the
Accept
header, or406 Not Acceptable
.@Rajan Chauhan 2017-10-28 17:55:57
Last 4 lines are gem and should be fully understood by the person in development. Doing pure rest is time consuming but gives rewards in longer run. So better for medium sized or big sized projects. Not good for prototyping and small projects.
@aod 2017-11-14 07:23:35
What if there is lots of links the response should return so that HATEOAS is satisfied? Is it acceptable having a big response for a small demand? For example, in an online shop, I would like to fetch a good's thumbnail information. However, with this request, details, add to cart, display comments, add comment, similar goods, etc links come also. While I am aware of all these links after first interaction, is it necessary for the server to send them for each request?
@Pedro Werneck 2017-11-14 17:12:13
@aod The goal of REST isn't efficient communication, on the contrary. It trades efficiency for long-term compatibility and evolvability. That's why caching is an important part of REST. If you're serious about HATEOAS, you need to invest some time in setting up cache control headers and orienting clients to use it.
@Rex 2017-03-21 12:47:36
Difference between Rest and Soap
SOAP
REST
For more Details please see here
@Drazen Bjelovuk 2019-02-04 20:03:38
Do 3 and 6 under REST not contradict?
@Rex 2019-02-13 04:04:30
We just compare the feature of each other.
@Quan Nguyen 2016-09-20 08:02:14
Addition for:
++ A mistake that’s often made when approaching REST is to think of it as “web services with URLs”—to think of REST as another remote procedure call (RPC) mechanism, like SOAP, but invoked through plain HTTP URLs and without SOAP’s hefty XML namespaces.
++ On the contrary, REST has little to do with RPC. Whereas RPC is service oriented and focused on actions and verbs, REST is resource oriented, emphasizing the things and nouns that comprise an application.
@marvelTracker 2016-01-17 00:17:05
IMHO you can't compare SOAP and REST where those are two different things.
SOAP is a protocol and REST is a software architectural pattern. There is a lot of misconception in the internet for SOAP vs REST.
SOAP defines XML based message format that web service-enabled applications use to communicate each other over the internet. In order to do that the applications need prior knowledge of the message contract, datatypes, etc..
REST represents the state(as resources) of a server from an URL.It is stateless and clients should not have prior knowledge to interact with server beyond the understanding of hypermedia.