login      my ps      about      contact  



home instructor-led training online training blogs


Don Box's Spoutlet » Yes Steve, I've Tried

Yes Steve, I've Tried

Vinoski asks an interesting question:

...how many, if any, dyed-in-the-wool WS advocates ever seriously, honestly, and fairly looked at REST, actually tried it, but then decided it didn’t work and so willingly chose to go back to WS.

I wouldn't call myself an advocate for any specific technology (ducks), but I've spent a lot of time doing HTTP stuff, including a recent tour of duty to help out on our .NET 3.5 support for REST in WCF.

I have to say that the authentication story blows chunks.

Having to hand-roll yet another “negotiate session key/sign URL” library for J. Random Facebook/Flickr/GData clone doesn't scale. 

Personally, my dream stack would be ubiquitous WS-Security/WS-Trust over HTTP GET and POST and tossing out WSDL in favor of doing direct XML programming against payloads from VB9 (or XQuery), but hey, I have unusual tastes.

 

Posted Nov 11 2007, 10:32 PM by don-box

Comments

Craig wrote re: Yes Steve, I've Tried
on 11-12-2007 2:59 AM
Oh, I don't know - that doesn't seem that unusual to me. :)
Brownie wrote re: Yes Steve, I've Tried
on 11-12-2007 6:49 AM
My first impression of WSDL when I encountered it back in late 99 early 00 was that it's sole reason for existence was to enable tools to automatically generate stubs that can properly call a web service.

Honestly, if you're programming against a webservice, you already know its interface. Otherwise, how can you program against it.

I definitely see the benefits of WSDL because who wants to do all that by hand?
Joe wrote re: Yes Steve, I've Tried
on 11-12-2007 9:38 AM
WSDL still matters in a lot of places. It makes the interface discoverable. Look at PopFly - how can a tool like that 'know' what the inputs and outputs are. For REST interfaces you need to have a wrapper module around it.

For complicated SOA systems (especially in-house) these schemas are essential. Contract first development is key for interoperability. The problem is that WSDL/XSD has some major flaws and its overkill for many solutions - especially on the internet.
M. David Peterson wrote re: Yes Steve, I've Tried
on 11-12-2007 12:09 PM
Take a look @ OAuth > http://oauth.net/ for the authentication piece.
David J. Smith wrote re: Yes Steve, I've Tried
on 11-17-2007 5:56 PM
"The problem is that WSDL/XSD ... and its overkill for many solutions - especially on the internet."

Agreed.

Add a Comment

(required)  
(optional)
(required)  
Remember Me?


home instructor-led training online training blogs

781.749.9238 (East Coast) | 310.251.9901 (West Coast) | Pluralsight, LLC , 185 Lincoln St., Suite 305, Hingham, MA 02043-1741

Copyright © 2008 Pluralsight LLC. All rights reserved.

designed by nukeation