SlideShare a Scribd company logo

Introduction to Web Services

J
Jeffrey Anderson

WIIT-7340 Java IV - Web Services Module

Software
1 of 37
Introduction to Web Services Jeff Anderson janderson141@cscc.edu Center for Workforce Development
Why Services? • Promotes separation of duties between the each layer in the architecture • Allows the presentation layer to focus on user interaction • Centralizes business rules and business logic in the application service layer • Delegates data persistence to the data access layer
Web Services • Extend the service layer onto the network so it can be used by any number of clients all around the world • Client applications become much lighter weight and focus on user interactions, not business logic and persistence • Multiple versions of an application, such as web, iOS, Android, Alexa, ”Hey Google”, etc. share business rules making them faster and less expensive to develop • Allows other applications to collaborate with ours • Promotes loose coupling and use of domain specific languages in each layer by exchanging data in a text format such as JavaScript Object Notation (JSON)
Microservices “In short, the microservice architectural style is an approach to developing a single application as a suite of small services, each running in its own process and communicating with lightweight mechanisms, often an HTTP resource API. These services are built around business capabilities and independently deployable by fully automated deployment machinery. There is a bare minimum of centralized management of these services, which may be written in different programming languages and use different data storage technologies.” -- James Lewis and Martin Fowler https://martinfowler.com/microservices/
Simple Object Access Protocol (SOAP) Types of Webservices
Simple Object Access Protocol (SOAP) • A W3C recommendation for exchanging structured information in a decentralized, distributed environment • Uses eXtensible Markup Language (XML) to exchange data in ways documented using Web Services Description Language (WSDL) • Defines an extensible framework providing a message construct that can be exchanged over a variety of underlying protocols • Designed to be independent of any particular programming model or language https://www.w3.org/TR/soap12-part1/#intro
Example SOAP Request https://www.w3schools.com/XML/xml_soap.asp
Example SOAP Response https://www.w3schools.com/XML/xml_soap.asp
Challenges With SOAP Services • XML parsing is complex and can be slow to process • The Extensible Stylesheet Language (XSL) and XML Path Language (XPath) assist with transforming XML but add another level of complexity • The WSDL can be used to generate code for working with SOAP web services but versioning becomes a problem when the WSDL needs to change • While SOAP may be simpler than it’s predecessors, it is way more complex than it’s name would imply • In most organizations, SOAP web services are consider ”legacy” code
REpresentational State Transfer (REST) Types of Webservices
Representational State Transfer (REST) • A network based architectural style for proposed by Roy Thomas Fielding in his PhD Dissertation at the University of California in 2000 • A stateless, cacheable, client-server based architectural style for building distributed applications at internet scale • Uses HTTP as the application-level protocol for communication and transfer of resource representations • Resources can be represented any number of ways, such as XML or JSON, and are negotiated via “accept” and “content-type” headers • Actions to be performed are articulated through HTTP methods with success or failure denoted by HTTP status codes https://www.ics.uci.edu/~fielding/pubs/dissertation/top.htm
Principles of REST • Resources expose easily understood directory structure URIs. • Representations transfer JSON or XML to represent data objects and attributes. • Messages use HTTP methods explicitly (for example, GET, POST, PUT, and DELETE). • Stateless interactions store no client context on the server between requests. State dependencies limit and restrict scalability. The client holds session state. https://spring.io/understanding/rest#principles-of-rest
Resources REST Webservices
REST Resources “The key abstraction of information in REST is a resource. Any information that can be named can be a resource: a document or image, a temporal service (e.g. "today's weather in Los Angeles"), a collection of other resources, a non-virtual object (e.g. a person), and so on. In other words, any concept that might be the target of an author's hypertext reference must fit within the definition of a resource. A resource is a conceptual mapping to a set of entities, not the entity that corresponds to the mapping at any particular point in time.” – Roy Fielding https://www.ics.uci.edu/~fielding/pubs/dissertation/rest_arch_style.htm#sec_5_2_1_1
Uniform Resource Identifier (URI) • http://www.ietf.org/rfc/rfc2396.txt • tel:+1-816-555-1212 • mailto:John.Doe@example.com • ftp://ftp.is.co.za/rfc/rfc1808.txt • ldap://[2001:db8::7]/c=GB?objectClass?one • urn:oasis:names:specification:docbook:dtd:xml:4.1.2 https://tools.ietf.org/html/rfc3986#section-1.1.2
REST Resource Representations Use nouns to describe entity sets: • The collection of customers: /customers • A single customer: /customers/{customerId} • Accounts of a particular customer: /customers/{customerId}/accounts https://www.thoughtworks.com/insights/blog/rest-api-design-resource-modeling
Challenges / Guidance • Balance the grain so applications are not too chatty • Resource naming should not depend on the API consumer knowing control flow of business processes • Clients should not be able to leave the system in an inconsistent state • Consider naming resources after business processes that encapsulate intent and operate in a consistent way on dependent collections such as /accounts/{accountId}/transactions or /customers/{customerId}/changeOfAddress • Business process resource names should still be nouns to the extent possible https://www.thoughtworks.com/insights/blog/rest-api-design-resource-modeling
HTTP Methods Invoking REST Services
Safe Methods • Safe means GET and HEAD methods should only retrieve data with no significant side effects • This enables other methods, such as POST, PUT and DELETE to be special in a way the user would expect that a possibly unsafe action is being requested https://tools.ietf.org/html/rfc2616#section-9.1.1
Idempotent Methods • Idempotent means, aside from error or expiration issues, the side- effects of N > 0 (multiple) identical requests is the same as for N = 1 (a single) request • GET, HEAD, PUT and DELETE are idempotent • OPTIONS and TRACE SHOULD NOT have side effects, and so are inherently idempotent https://tools.ietf.org/html/rfc2616#section-9.1.2
GET Retrieve whatever information (in the form of an entity) identified by the Request-URI. Example: Retrieve an address with an ID of 1: GET /addresses/1 • GET can be conditional if the request includes an If-Modified-Since, If-Unmodified-Since, If-Match, If-None-Match, or If-Range header field • GET can be partial if the request includes a Range header field or request parameters for limiting results • Responses are cacheable to reduce latency and network traffic • Using request headers, the client can request uncached data https://tools.ietf.org/html/rfc7231#section-4.3.1
POST Requests the origin server accept the entity enclosed in the request as a new subordinate of the resource identified by the Request-URI in the Request-Line. Example: Create a new address: POST /addresses • The posted entity is subordinate to that URI in the same way that a file is subordinate to a directory containing it or a record is subordinate to a database • Often POST is used to create a new entity, but it can also be used to update an entity https://tools.ietf.org/html/rfc7231#section-4.3.3
PUT Requests the enclosed entity be stored under the supplied Request-URI. Example: create or modify the address with an ID of 1: PUT /addresses/1 • If the Request-URI refers to an already existing resource, the enclosed entity SHOULD be considered as a modified version of the one residing on the origin server • If the Request-URI does not point to an existing resource, and that URI is capable of being defined as a new resource by the requesting user agent, the origin server can create the resource with that URI • A PUT request is idempotent which is the main difference between the expectations of PUT versus a POST request • PUT replaces an existing entity. If only a subset of data elements are provided, the rest will be replaced with empty or null https://tools.ietf.org/html/rfc7231#section-4.3.4
PATCH Requests that a set of changes described in the request entity be applied to the resource identified by the Request-URI • The set of changes is represented in a format called a "patch document" identified by a media type • If the Request-URI does not point to an existing resource, the server MAY create a new resource • Collisions from multiple PATCH requests may be more dangerous than PUT collisions because some patch formats need to operate from a known base-point or else they will corrupt the resource • The PATCH method affects the resource identified by the Request-URI, and it also MAY have side effects on other resources • PATCH is neither safe nor idempotent https://tools.ietf.org/html/rfc5789
DELETE Remove an entity at a URI. Example: remove the address with an ID of 1: DELETE /addresses/1 • The delete may be logical in that previous versions continue to exist https://tools.ietf.org/html/rfc7231#section-4.3.5
HTTP Status Codes Invoking REST Services
2xx – Success • 200 OK – the request succeeded (GET, PUT, PATCH) • 201 Created – a new resource has been created (PUT, POST) • 202 Accepted – the request has been accepted for processing which has not yet completed • 204 No Content – the request was successful and there is no content to be returned (DELETE) https://tools.ietf.org/html/rfc7231#section-6.3
4xx – Client Error • 400 Bad Request – the request had malformed syntax and was not understood • 401 Unauthorized – the request requires valid client authentication and authorization • 403 Forbidden – the request is understood but is being rejected for any of a variety of reasons • 404 Not Found – the URI references a non existent resource • 405 Method Not Allowed – the client made a request using an HTTP Method that is not supported by the server • 415 Unsupported Media Type – the request is not in a supported format https://tools.ietf.org/html/rfc7231#section-6.5
500 – Server Error • 500 Internal Server Error – an unexpected error prevented the request from being fulfilled • 503 Service Unavailable – The server is down or overloaded and unable to handle the request https://tools.ietf.org/html/rfc7231#section-6.6
Cross-Origin Resource Sharing (CORS) Using REST Services
Typical Modern Web Application https://www.w3.org/TR/cors/
The Problem http://d111111abcdef8.cloudfront.net
Hypermedia As The Engine Of Application State (HATEOAS) Designing REST Services
Hypermedia as the Engine of Application State • Is a constraint applied to the REST application architecture • The goal of HATEOAS is to isolate application state in the server rather than the client • A hypermedia-driven site provides information to navigate the site's REST interfaces dynamically by including hypermedia links with the responses • These hypermedia links represent valid state transitions, any of which the client can choose next • Whereas SOAP uses tightly coupled WSDL-driven interfaces which are defined at compile time, HATEOAS uses loosely coupled dynamically generated interfaces defined at run time https://spring.io/understanding/HATEOAS
HATEOAS Example https://spring.io/understanding/HATEOAS
Where To Go For More Webservices
Further Reading • Understanding REST from the Spring website • REST API Design – Resource Modeling by Prakash Subramaniam • Understanding HATEOAS from the Spring website • Richardson Maturity Model by Martin Fowler • GitHub API Documentation • Architectural Styles and the Design of Network-based Software Architectures by Roy Fielding • RFC 7231, Hypertext Transfer Protocol • Cross-Origin Resource Sharing by W3C

Recommended

Representational State Transfer (REST)
Representational State Transfer (REST)Representational State Transfer (REST)
Representational State Transfer (REST)David Krmpotic
 
Linked data MLA 2015
Linked data MLA 2015Linked data MLA 2015
Linked data MLA 2015Cason Snow
 
Linked Data MLA 2015
Linked Data MLA 2015Linked Data MLA 2015
Linked Data MLA 2015Cason Snow
 
REST - Representational State Transfer
REST - Representational State TransferREST - Representational State Transfer
REST - Representational State TransferPeter R. Egli
 
HATEOAS: The Confusing Bit from REST
HATEOAS: The Confusing Bit from RESTHATEOAS: The Confusing Bit from REST
HATEOAS: The Confusing Bit from RESTelliando dias
 
The Rest Architectural Style
The Rest Architectural StyleThe Rest Architectural Style
The Rest Architectural StyleRobert Wilson
 
Introduction to Linked Data Platform (LDP)
Introduction to Linked Data Platform (LDP)Introduction to Linked Data Platform (LDP)
Introduction to Linked Data Platform (LDP)Hector Correa
 
REST - Representational state transfer
REST - Representational state transferREST - Representational state transfer
REST - Representational state transferTricode (part of Dept)
 

Recommended

Representational State Transfer (REST)
Representational State Transfer (REST)Representational State Transfer (REST)
Representational State Transfer (REST)David Krmpotic
 
Linked data MLA 2015
Linked data MLA 2015Linked data MLA 2015
Linked data MLA 2015Cason Snow
 
Linked Data MLA 2015
Linked Data MLA 2015Linked Data MLA 2015
Linked Data MLA 2015Cason Snow
 
REST - Representational State Transfer
REST - Representational State TransferREST - Representational State Transfer
REST - Representational State TransferPeter R. Egli
 
HATEOAS: The Confusing Bit from REST
HATEOAS: The Confusing Bit from RESTHATEOAS: The Confusing Bit from REST
HATEOAS: The Confusing Bit from RESTelliando dias
 
The Rest Architectural Style
The Rest Architectural StyleThe Rest Architectural Style
The Rest Architectural StyleRobert Wilson
 
Introduction to Linked Data Platform (LDP)
Introduction to Linked Data Platform (LDP)Introduction to Linked Data Platform (LDP)
Introduction to Linked Data Platform (LDP)Hector Correa
 
REST - Representational state transfer
REST - Representational state transferREST - Representational state transfer
REST - Representational state transferTricode (part of Dept)
 
Slug: A Semantic Web Crawler
Slug: A Semantic Web CrawlerSlug: A Semantic Web Crawler
Slug: A Semantic Web CrawlerLeigh Dodds
 
Introduction to W3C Linked Data Platform
Introduction to W3C Linked Data PlatformIntroduction to W3C Linked Data Platform
Introduction to W3C Linked Data PlatformNandana Mihindukulasooriya
 
Learning W3C Linked Data Platform with examples
Learning W3C Linked Data Platform with examplesLearning W3C Linked Data Platform with examples
Learning W3C Linked Data Platform with examplesNandana Mihindukulasooriya
 
Restful web services
Restful web servicesRestful web services
Restful web servicesSurinder Mehra
 
Representational State Transfer (REST) and HATEOAS
Representational State Transfer (REST) and HATEOASRepresentational State Transfer (REST) and HATEOAS
Representational State Transfer (REST) and HATEOASGuy K. Kloss
 
Describing LDP Applications with the Hydra Core Vocabulary
Describing LDP Applications with the Hydra Core VocabularyDescribing LDP Applications with the Hydra Core Vocabulary
Describing LDP Applications with the Hydra Core VocabularyNandana Mihindukulasooriya
 
Rest web services
Rest web servicesRest web services
Rest web servicesPaulo Gandra de Sousa
 
Representational State Transfer (REST)
Representational State Transfer (REST)Representational State Transfer (REST)
Representational State Transfer (REST)Abhay Ananda Shukla
 
REST & RESTful Web Services
REST & RESTful Web ServicesREST & RESTful Web Services
REST & RESTful Web ServicesHalil Burak Cetinkaya
 
Linked Data (in low-resource) Platforms: a mapping for Constrained Applicatio...
Linked Data (in low-resource) Platforms: a mapping for Constrained Applicatio...Linked Data (in low-resource) Platforms: a mapping for Constrained Applicatio...
Linked Data (in low-resource) Platforms: a mapping for Constrained Applicatio...SisInfLab-SWoT @Politecnico di Bari
 
20080917 Rev
20080917 Rev20080917 Rev
20080917 Revcharper
 
Best Practices for RESTful Web Services
Best Practices for RESTful Web ServicesBest Practices for RESTful Web Services
Best Practices for RESTful Web ServicesSalesforce Developers
 
JSON and REST
JSON and RESTJSON and REST
JSON and RESTRobert MacLean
 
REST and RESTful Web Services
REST and RESTful Web ServicesREST and RESTful Web Services
REST and RESTful Web ServicesKasun Madusanke
 
Deep Web: Databases on the Web
Deep Web: Databases on the WebDeep Web: Databases on the Web
Deep Web: Databases on the WebDenis Shestakov
 
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRIS
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRISThe glory of REST in Java: Spring HATEOAS, RAML, Temenos IRIS
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRISGeert Pante
 
On building a search interface discovery system
On building a search interface discovery systemOn building a search interface discovery system
On building a search interface discovery systemDenis Shestakov
 
RESTful services
RESTful servicesRESTful services
RESTful servicesPedram Bashiri
 
Impact of Restful Web Architecture on Performance and Scalability
Impact of Restful Web Architecture on Performance and ScalabilityImpact of Restful Web Architecture on Performance and Scalability
Impact of Restful Web Architecture on Performance and ScalabilitySanchit Gera
 
Creating Truly RESTful APIs
Creating Truly RESTful APIsCreating Truly RESTful APIs
Creating Truly RESTful APIsDomenic Denicola
 
Mini-Training: Let's have a rest
Mini-Training: Let's have a restMini-Training: Let's have a rest
Mini-Training: Let's have a restBetclic Everest Group Tech Team
 
Overview of java web services
Overview of java web servicesOverview of java web services
Overview of java web servicesTodd Benson (I.T. SPECIALIST and I.T. SECURITY)
 

More Related Content

What's hot

Slug: A Semantic Web Crawler
Slug: A Semantic Web CrawlerSlug: A Semantic Web Crawler
Slug: A Semantic Web CrawlerLeigh Dodds
 
Learning W3C Linked Data Platform with examples
Learning W3C Linked Data Platform with examplesLearning W3C Linked Data Platform with examples
Learning W3C Linked Data Platform with examplesNandana Mihindukulasooriya
 
Representational State Transfer (REST) and HATEOAS
Representational State Transfer (REST) and HATEOASRepresentational State Transfer (REST) and HATEOAS
Representational State Transfer (REST) and HATEOASGuy K. Kloss
 
Describing LDP Applications with the Hydra Core Vocabulary
Describing LDP Applications with the Hydra Core VocabularyDescribing LDP Applications with the Hydra Core Vocabulary
Describing LDP Applications with the Hydra Core VocabularyNandana Mihindukulasooriya
 
Representational State Transfer (REST)
Representational State Transfer (REST)Representational State Transfer (REST)
Representational State Transfer (REST)Abhay Ananda Shukla
 
Linked Data (in low-resource) Platforms: a mapping for Constrained Applicatio...
Linked Data (in low-resource) Platforms: a mapping for Constrained Applicatio...Linked Data (in low-resource) Platforms: a mapping for Constrained Applicatio...
Linked Data (in low-resource) Platforms: a mapping for Constrained Applicatio...SisInfLab-SWoT @Politecnico di Bari
 
20080917 Rev
20080917 Rev20080917 Rev
20080917 Revcharper
 
Best Practices for RESTful Web Services
Best Practices for RESTful Web ServicesBest Practices for RESTful Web Services
Best Practices for RESTful Web ServicesSalesforce Developers
 
REST and RESTful Web Services
REST and RESTful Web ServicesREST and RESTful Web Services
REST and RESTful Web ServicesKasun Madusanke
 
Deep Web: Databases on the Web
Deep Web: Databases on the WebDeep Web: Databases on the Web
Deep Web: Databases on the WebDenis Shestakov
 
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRIS
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRISThe glory of REST in Java: Spring HATEOAS, RAML, Temenos IRIS
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRISGeert Pante
 
On building a search interface discovery system
On building a search interface discovery systemOn building a search interface discovery system
On building a search interface discovery systemDenis Shestakov
 
Impact of Restful Web Architecture on Performance and Scalability
Impact of Restful Web Architecture on Performance and ScalabilityImpact of Restful Web Architecture on Performance and Scalability
Impact of Restful Web Architecture on Performance and ScalabilitySanchit Gera
 
Creating Truly RESTful APIs
Creating Truly RESTful APIsCreating Truly RESTful APIs
Creating Truly RESTful APIsDomenic Denicola
 

What's hot (20)

Slug: A Semantic Web Crawler
Slug: A Semantic Web CrawlerSlug: A Semantic Web Crawler
Slug: A Semantic Web Crawler
 
Introduction to W3C Linked Data Platform
Introduction to W3C Linked Data PlatformIntroduction to W3C Linked Data Platform
Introduction to W3C Linked Data Platform
 
Learning W3C Linked Data Platform with examples
Learning W3C Linked Data Platform with examplesLearning W3C Linked Data Platform with examples
Learning W3C Linked Data Platform with examples
 
Restful web services
Restful web servicesRestful web services
Restful web services
 
Representational State Transfer (REST) and HATEOAS
Representational State Transfer (REST) and HATEOASRepresentational State Transfer (REST) and HATEOAS
Representational State Transfer (REST) and HATEOAS
 
Describing LDP Applications with the Hydra Core Vocabulary
Describing LDP Applications with the Hydra Core VocabularyDescribing LDP Applications with the Hydra Core Vocabulary
Describing LDP Applications with the Hydra Core Vocabulary
 
Rest web services
Rest web servicesRest web services
Rest web services
 
Representational State Transfer (REST)
Representational State Transfer (REST)Representational State Transfer (REST)
Representational State Transfer (REST)
 
REST & RESTful Web Services
REST & RESTful Web ServicesREST & RESTful Web Services
REST & RESTful Web Services
 
Linked Data (in low-resource) Platforms: a mapping for Constrained Applicatio...
Linked Data (in low-resource) Platforms: a mapping for Constrained Applicatio...Linked Data (in low-resource) Platforms: a mapping for Constrained Applicatio...
Linked Data (in low-resource) Platforms: a mapping for Constrained Applicatio...
 
20080917 Rev
20080917 Rev20080917 Rev
20080917 Rev
 
Best Practices for RESTful Web Services
Best Practices for RESTful Web ServicesBest Practices for RESTful Web Services
Best Practices for RESTful Web Services
 
JSON and REST
JSON and RESTJSON and REST
JSON and REST
 
REST and RESTful Web Services
REST and RESTful Web ServicesREST and RESTful Web Services
REST and RESTful Web Services
 
Deep Web: Databases on the Web
Deep Web: Databases on the WebDeep Web: Databases on the Web
Deep Web: Databases on the Web
 
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRIS
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRISThe glory of REST in Java: Spring HATEOAS, RAML, Temenos IRIS
The glory of REST in Java: Spring HATEOAS, RAML, Temenos IRIS
 
On building a search interface discovery system
On building a search interface discovery systemOn building a search interface discovery system
On building a search interface discovery system
 
RESTful services
RESTful servicesRESTful services
RESTful services
 
Impact of Restful Web Architecture on Performance and Scalability
Impact of Restful Web Architecture on Performance and ScalabilityImpact of Restful Web Architecture on Performance and Scalability
Impact of Restful Web Architecture on Performance and Scalability
 
Creating Truly RESTful APIs
Creating Truly RESTful APIsCreating Truly RESTful APIs
Creating Truly RESTful APIs
 

Similar to Introduction to Web Services

Modern REST API design principles and rules.pdf
Modern REST API design principles and rules.pdfModern REST API design principles and rules.pdf
Modern REST API design principles and rules.pdfAparna Sharma
 
Restful webservice
Restful webserviceRestful webservice
Restful webserviceDong Ngoc
 
200211 Fielding Apachecon
200211 Fielding Apachecon200211 Fielding Apachecon
200211 Fielding ApacheconDaniel Parker
 
Restful web-services
Restful web-servicesRestful web-services
Restful web-servicesrporwal
 
REST Introduction.ppt
REST Introduction.pptREST Introduction.ppt
REST Introduction.pptKGSCSEPSGCT
 
Overview of REST - Raihan Ullah
Overview of REST - Raihan UllahOverview of REST - Raihan Ullah
Overview of REST - Raihan UllahCefalo
 
Алексей Веркеенко "Symfony2 & REST API"
Алексей Веркеенко "Symfony2 & REST API" Алексей Веркеенко "Symfony2 & REST API"
Алексей Веркеенко "Symfony2 & REST API" Fwdays
 
Modern REST API design principles and rules.pdf
Modern REST API design principles and rules.pdfModern REST API design principles and rules.pdf
Modern REST API design principles and rules.pdfAparna Sharma
 
Designing RESTful APIs
Designing RESTful APIsDesigning RESTful APIs
Designing RESTful APIsanandology
 
Introduction to Restful Web Services
Introduction to Restful Web ServicesIntroduction to Restful Web Services
Introduction to Restful Web Servicesweili_at_slideshare
 
unit -4 spring web services like SOA Arch
unit -4 spring web services like SOA Archunit -4 spring web services like SOA Arch
unit -4 spring web services like SOA Archsudharani127782
 

Similar to Introduction to Web Services (20)

Mini-Training: Let's have a rest
Mini-Training: Let's have a restMini-Training: Let's have a rest
Mini-Training: Let's have a rest
 
Overview of java web services
Overview of java web servicesOverview of java web services
Overview of java web services
 
Modern REST API design principles and rules.pdf
Modern REST API design principles and rules.pdfModern REST API design principles and rules.pdf
Modern REST API design principles and rules.pdf
 
Api Design
Api DesignApi Design
Api Design
 
Restful webservice
Restful webserviceRestful webservice
Restful webservice
 
Unit 2
Unit 2Unit 2
Unit 2
 
200211 Fielding Apachecon
200211 Fielding Apachecon200211 Fielding Apachecon
200211 Fielding Apachecon
 
Restful web-services
Restful web-servicesRestful web-services
Restful web-services
 
REST Introduction.ppt
REST Introduction.pptREST Introduction.ppt
REST Introduction.ppt
 
WIT UNIT-5.pdf
WIT UNIT-5.pdfWIT UNIT-5.pdf
WIT UNIT-5.pdf
 
Restful webservices
Restful webservicesRestful webservices
Restful webservices
 
Overview of REST - Raihan Ullah
Overview of REST - Raihan UllahOverview of REST - Raihan Ullah
Overview of REST - Raihan Ullah
 
ReSTful API Final
ReSTful API FinalReSTful API Final
ReSTful API Final
 
Алексей Веркеенко "Symfony2 & REST API"
Алексей Веркеенко "Symfony2 & REST API" Алексей Веркеенко "Symfony2 & REST API"
Алексей Веркеенко "Symfony2 & REST API"
 
Modern REST API design principles and rules.pdf
Modern REST API design principles and rules.pdfModern REST API design principles and rules.pdf
Modern REST API design principles and rules.pdf
 
Designing RESTful APIs
Designing RESTful APIsDesigning RESTful APIs
Designing RESTful APIs
 
Enterprise REST
Enterprise RESTEnterprise REST
Enterprise REST
 
Introduction to Restful Web Services
Introduction to Restful Web ServicesIntroduction to Restful Web Services
Introduction to Restful Web Services
 
unit -4 spring web services like SOA Arch
unit -4 spring web services like SOA Archunit -4 spring web services like SOA Arch
unit -4 spring web services like SOA Arch
 
LeVan, "Search Web Services"
LeVan, "Search Web Services"LeVan, "Search Web Services"
LeVan, "Search Web Services"
 

Recently uploaded

What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWave PLM
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...OnePlan Solutions
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureDinusha Kumarasiri
 
What are the features of Vehicle Tracking System?
What are the features of Vehicle Tracking System?What are the features of Vehicle Tracking System?
What are the features of Vehicle Tracking System?Watsoo Telematics
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataBradBedford3
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio, Inc.
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...soniya singh
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...gurkirankumar98700
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样umasea
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmSujith Sukumaran
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEOrtus Solutions, Corp
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackVICTOR MAESTRE RAMIREZ
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptkotipi9215
 
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Andreas Granig
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityNeo4j
 
Engage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyEngage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyFrank van der Linden
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfkalichargn70th171
 

Recently uploaded (20)

What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need It
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with Azure
 
What are the features of Vehicle Tracking System?
What are the features of Vehicle Tracking System?What are the features of Vehicle Tracking System?
What are the features of Vehicle Tracking System?
 
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalm
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStack
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
chapter--4-software-project-planning.ppt
chapter--4-software-project-planning.pptchapter--4-software-project-planning.ppt
chapter--4-software-project-planning.ppt
 
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered Sustainability
 
Engage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyEngage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The Ugly
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
 

Introduction to Web Services

  • 1. Introduction to Web Services Jeff Anderson janderson141@cscc.edu Center for Workforce Development
  • 2. Why Services? • Promotes separation of duties between the each layer in the architecture • Allows the presentation layer to focus on user interaction • Centralizes business rules and business logic in the application service layer • Delegates data persistence to the data access layer
  • 3. Web Services • Extend the service layer onto the network so it can be used by any number of clients all around the world • Client applications become much lighter weight and focus on user interactions, not business logic and persistence • Multiple versions of an application, such as web, iOS, Android, Alexa, ”Hey Google”, etc. share business rules making them faster and less expensive to develop • Allows other applications to collaborate with ours • Promotes loose coupling and use of domain specific languages in each layer by exchanging data in a text format such as JavaScript Object Notation (JSON)
  • 4. Microservices “In short, the microservice architectural style is an approach to developing a single application as a suite of small services, each running in its own process and communicating with lightweight mechanisms, often an HTTP resource API. These services are built around business capabilities and independently deployable by fully automated deployment machinery. There is a bare minimum of centralized management of these services, which may be written in different programming languages and use different data storage technologies.” -- James Lewis and Martin Fowler https://martinfowler.com/microservices/
  • 5. Simple Object Access Protocol (SOAP) Types of Webservices
  • 6. Simple Object Access Protocol (SOAP) • A W3C recommendation for exchanging structured information in a decentralized, distributed environment • Uses eXtensible Markup Language (XML) to exchange data in ways documented using Web Services Description Language (WSDL) • Defines an extensible framework providing a message construct that can be exchanged over a variety of underlying protocols • Designed to be independent of any particular programming model or language https://www.w3.org/TR/soap12-part1/#intro
  • 9. Challenges With SOAP Services • XML parsing is complex and can be slow to process • The Extensible Stylesheet Language (XSL) and XML Path Language (XPath) assist with transforming XML but add another level of complexity • The WSDL can be used to generate code for working with SOAP web services but versioning becomes a problem when the WSDL needs to change • While SOAP may be simpler than it’s predecessors, it is way more complex than it’s name would imply • In most organizations, SOAP web services are consider ”legacy” code
  • 11. Representational State Transfer (REST) • A network based architectural style for proposed by Roy Thomas Fielding in his PhD Dissertation at the University of California in 2000 • A stateless, cacheable, client-server based architectural style for building distributed applications at internet scale • Uses HTTP as the application-level protocol for communication and transfer of resource representations • Resources can be represented any number of ways, such as XML or JSON, and are negotiated via “accept” and “content-type” headers • Actions to be performed are articulated through HTTP methods with success or failure denoted by HTTP status codes https://www.ics.uci.edu/~fielding/pubs/dissertation/top.htm
  • 12. Principles of REST • Resources expose easily understood directory structure URIs. • Representations transfer JSON or XML to represent data objects and attributes. • Messages use HTTP methods explicitly (for example, GET, POST, PUT, and DELETE). • Stateless interactions store no client context on the server between requests. State dependencies limit and restrict scalability. The client holds session state. https://spring.io/understanding/rest#principles-of-rest
  • 14. REST Resources “The key abstraction of information in REST is a resource. Any information that can be named can be a resource: a document or image, a temporal service (e.g. "today's weather in Los Angeles"), a collection of other resources, a non-virtual object (e.g. a person), and so on. In other words, any concept that might be the target of an author's hypertext reference must fit within the definition of a resource. A resource is a conceptual mapping to a set of entities, not the entity that corresponds to the mapping at any particular point in time.” – Roy Fielding https://www.ics.uci.edu/~fielding/pubs/dissertation/rest_arch_style.htm#sec_5_2_1_1
  • 15. Uniform Resource Identifier (URI) • http://www.ietf.org/rfc/rfc2396.txt • tel:+1-816-555-1212 • mailto:John.Doe@example.com • ftp://ftp.is.co.za/rfc/rfc1808.txt • ldap://[2001:db8::7]/c=GB?objectClass?one • urn:oasis:names:specification:docbook:dtd:xml:4.1.2 https://tools.ietf.org/html/rfc3986#section-1.1.2
  • 16. REST Resource Representations Use nouns to describe entity sets: • The collection of customers: /customers • A single customer: /customers/{customerId} • Accounts of a particular customer: /customers/{customerId}/accounts https://www.thoughtworks.com/insights/blog/rest-api-design-resource-modeling
  • 17. Challenges / Guidance • Balance the grain so applications are not too chatty • Resource naming should not depend on the API consumer knowing control flow of business processes • Clients should not be able to leave the system in an inconsistent state • Consider naming resources after business processes that encapsulate intent and operate in a consistent way on dependent collections such as /accounts/{accountId}/transactions or /customers/{customerId}/changeOfAddress • Business process resource names should still be nouns to the extent possible https://www.thoughtworks.com/insights/blog/rest-api-design-resource-modeling
  • 19. Safe Methods • Safe means GET and HEAD methods should only retrieve data with no significant side effects • This enables other methods, such as POST, PUT and DELETE to be special in a way the user would expect that a possibly unsafe action is being requested https://tools.ietf.org/html/rfc2616#section-9.1.1
  • 20. Idempotent Methods • Idempotent means, aside from error or expiration issues, the side- effects of N > 0 (multiple) identical requests is the same as for N = 1 (a single) request • GET, HEAD, PUT and DELETE are idempotent • OPTIONS and TRACE SHOULD NOT have side effects, and so are inherently idempotent https://tools.ietf.org/html/rfc2616#section-9.1.2
  • 21. GET Retrieve whatever information (in the form of an entity) identified by the Request-URI. Example: Retrieve an address with an ID of 1: GET /addresses/1 • GET can be conditional if the request includes an If-Modified-Since, If-Unmodified-Since, If-Match, If-None-Match, or If-Range header field • GET can be partial if the request includes a Range header field or request parameters for limiting results • Responses are cacheable to reduce latency and network traffic • Using request headers, the client can request uncached data https://tools.ietf.org/html/rfc7231#section-4.3.1
  • 22. POST Requests the origin server accept the entity enclosed in the request as a new subordinate of the resource identified by the Request-URI in the Request-Line. Example: Create a new address: POST /addresses • The posted entity is subordinate to that URI in the same way that a file is subordinate to a directory containing it or a record is subordinate to a database • Often POST is used to create a new entity, but it can also be used to update an entity https://tools.ietf.org/html/rfc7231#section-4.3.3
  • 23. PUT Requests the enclosed entity be stored under the supplied Request-URI. Example: create or modify the address with an ID of 1: PUT /addresses/1 • If the Request-URI refers to an already existing resource, the enclosed entity SHOULD be considered as a modified version of the one residing on the origin server • If the Request-URI does not point to an existing resource, and that URI is capable of being defined as a new resource by the requesting user agent, the origin server can create the resource with that URI • A PUT request is idempotent which is the main difference between the expectations of PUT versus a POST request • PUT replaces an existing entity. If only a subset of data elements are provided, the rest will be replaced with empty or null https://tools.ietf.org/html/rfc7231#section-4.3.4
  • 24. PATCH Requests that a set of changes described in the request entity be applied to the resource identified by the Request-URI • The set of changes is represented in a format called a "patch document" identified by a media type • If the Request-URI does not point to an existing resource, the server MAY create a new resource • Collisions from multiple PATCH requests may be more dangerous than PUT collisions because some patch formats need to operate from a known base-point or else they will corrupt the resource • The PATCH method affects the resource identified by the Request-URI, and it also MAY have side effects on other resources • PATCH is neither safe nor idempotent https://tools.ietf.org/html/rfc5789
  • 25. DELETE Remove an entity at a URI. Example: remove the address with an ID of 1: DELETE /addresses/1 • The delete may be logical in that previous versions continue to exist https://tools.ietf.org/html/rfc7231#section-4.3.5
  • 26. HTTP Status Codes Invoking REST Services
  • 27. 2xx – Success • 200 OK – the request succeeded (GET, PUT, PATCH) • 201 Created – a new resource has been created (PUT, POST) • 202 Accepted – the request has been accepted for processing which has not yet completed • 204 No Content – the request was successful and there is no content to be returned (DELETE) https://tools.ietf.org/html/rfc7231#section-6.3
  • 28. 4xx – Client Error • 400 Bad Request – the request had malformed syntax and was not understood • 401 Unauthorized – the request requires valid client authentication and authorization • 403 Forbidden – the request is understood but is being rejected for any of a variety of reasons • 404 Not Found – the URI references a non existent resource • 405 Method Not Allowed – the client made a request using an HTTP Method that is not supported by the server • 415 Unsupported Media Type – the request is not in a supported format https://tools.ietf.org/html/rfc7231#section-6.5
  • 29. 500 – Server Error • 500 Internal Server Error – an unexpected error prevented the request from being fulfilled • 503 Service Unavailable – The server is down or overloaded and unable to handle the request https://tools.ietf.org/html/rfc7231#section-6.6
  • 31. Typical Modern Web Application https://www.w3.org/TR/cors/
  • 33. Hypermedia As The Engine Of Application State (HATEOAS) Designing REST Services
  • 34. Hypermedia as the Engine of Application State • Is a constraint applied to the REST application architecture • The goal of HATEOAS is to isolate application state in the server rather than the client • A hypermedia-driven site provides information to navigate the site's REST interfaces dynamically by including hypermedia links with the responses • These hypermedia links represent valid state transitions, any of which the client can choose next • Whereas SOAP uses tightly coupled WSDL-driven interfaces which are defined at compile time, HATEOAS uses loosely coupled dynamically generated interfaces defined at run time https://spring.io/understanding/HATEOAS
  • 36. Where To Go For More Webservices
  • 37. Further Reading • Understanding REST from the Spring website • REST API Design – Resource Modeling by Prakash Subramaniam • Understanding HATEOAS from the Spring website • Richardson Maturity Model by Martin Fowler • GitHub API Documentation • Architectural Styles and the Design of Network-based Software Architectures by Roy Fielding • RFC 7231, Hypertext Transfer Protocol • Cross-Origin Resource Sharing by W3C

Editor's Notes

  1. A Uniform Resource Identifier (URI) is a compact sequence of characters that identifies an abstract or physical resource It allows different types of resource identifiers to be used in the same context, even when the mechanisms used to access those resources may differ The term "resource" is used in a general sense for whatever might be identified by a URI such as an electronic document, an image, a web page Each URI begins with a scheme name that refers to a specification for assigning identifiers within that scheme
  2. A conditional GET method requests that the entity be transferred only under the circumstances described by the conditional header field(s). The conditional GET method is intended to reduce unnecessary network usage by allowing cached entities to be refreshed without requiring multiple requests or transferring data already held by the client. A partial GET requests that only part of the entity be transferred, as described in section 14.35. The partial GET method is intended to reduce unnecessary network usage by allowing partially-retrieved entities to be completed without transferring data already held by the client. The response to a GET request is cacheable if and only if it meets the requirements for HTTP caching described in section 13 of the HTTP specification
  3. In a PUT request, the enclosed entity is considered to be a modified version of the resource stored on the origin server, and the client is requesting that the stored version be replaced. With PATCH, however, the enclosed entity contains a set of instructions describing how a resource currently residing on the origin server should be modified to produce a new version
  4. Delete is also expected to be idempotent in that subsequent delete requests for a given resource are ignored.
  5. Index.html served from S3 includes Javascript from Cloudfront (different domain) that wants to pull content from API gateway on a 3rd domain. CORS would block access to the API gateway content from the Javascript