Ques 1. What are the RESTful web services drawbacks?
- Because the client side does not supply a specific session id for it, RESTful web services are transient and do not keep session simulation responsibility.
- Inherently, REST is unable to enforce the security limitation. However, by putting protocols in place, it inherits them. To improve the security of the REST APIs, SSL/TLS authentication integration must be done with great care.
Ques 2. How are REST APIs kept secure?
Sensitive information such as user id, password, or verification token should not be visible in URIs. REST APIs can be kept secure with the help of security initiatives including such authorization and authorization, API server affirmation, TLs/SSL encryption, rate-limiting for DDoS attacks, and more.
Ques 3. What do REST API "Options" mean?
It is an HTTP protocol used to retrieve the HTTP operations or options that are supported and assist clients in selecting choices in REST APIs. CORS, or Cross-Origin Resource Sharing, employs the REST option approach.
Ques 4. Explain the differences between RPC and document-style web services.
In contrast to RPC-style web services, document-style web services allow us to send an XML document as part of a SOAP request.
The application where a document-style web service is most suitable is one where an XML message behaves like a document, the content of which is subject to change, and the purpose of the web service is independent of the contents of XML messages.
Ques 5. What are JAX-WS and JAX-RS?
Both JAX-WS and JAX-RS are frameworks (APIs) that allow for different types of communication in Java. A library called JAX-WS can then be used to do SOAP communications in Java, whereas JAX-RS enables REST communication.
Ques 6. List the resources or APIs available for creating or testing web APIs.
There are various web service testing tools for REST APIs.
- MVC Jersey API
- Spring REST web service
- CXF Axis
- Restlet
Ques 7. How does the architecture for microservices operate?
- Clients: Requests are sent by numerous users using various devices.
- Identity providers: They verify the identities of users or customers and provide security tokens.
- API Gateway: Client requests are handled via API Gateway.
- Static: All of the system's material is contained in static content.
- Management: Determines failures and balances services across nodes.
- Service discovery: A tool for determining the path of communication among microservices is called service discovery.
- CDN: Network connection of proxy servers and associated data centers is called a content delivery network(CDN).
- Information: Information stored on a network of IT devices can be accessed remotely with the help of a remote service.
Ques 8. What design principles work best for resource representations?
The following are crucial considerations while creating a resource's representation format for a RESTful web service:
- Understanding and use of the resource's representation format should be possible for both the server and the client.
- Completeness A format ought to be able to accurately depict a resource. A resource could contain another resource, for instance. Format ought to be able to depict both straightforward and intricate resource structures.
- Linkability is a format that needs to be able to handle situations where one resource links to another.
Ques 9. What does RESTful Webservices statelessness entail?
A RESTful web service should not maintain a client state on the server in accordance with REST design. Statelessness is the term for this limitation. The client must transmit its context to the server, which can then store it and use it to perform the client's subsequent requests. For instance, the session identifier given by the client can be used to identify a server-maintained session.
Ques 10. What distinguishes monolithic, SOA, and microservices architectures from one another?
- With a monolithic architecture, all the software parts of a program are put together and neatly wrapped in one large container.
- A group of services that communicate with one another is referred to as a service-oriented architecture. Simple data exchange or the coordination of an action between two or even more services are both possible forms of communication.
- Microservices Architecture is a type of architectural design that organizes an application as a group of tiny, independent services based on a business domain.
Ques 11. Do you think GraphQL is the best choice for creating microservice architecture?
Because GraphQL hides your microservices architecture from the customers, it works perfectly with microservices. From the front end, you want all the data to come from a small API, while from the back end, you want to divide it into microservices. The best technique I'm aware of to do both is by using GraphQL. It enables you to divide the backend into microservices while still giving each application a single API and enabling joins across data from various services.
Ques 12. What is difference between REST and Web Socket?
| REST | Web Socket |
|---|
| REST follows stateless architecture, meaning it won’t store any session-based data. | Web Socket APIs follow the stateful protocol as it necessitates session-based data storage. |
| The mode of communication is uni-directional. At a time, only the server or the client will communicate. | The communication is bi-directional, communication can be done by both client or server at a time. |
| REST is based on the Request-Response Model. | Web Socket follows the full-duplex model. |
| Every request will have sections like header, title, body, URL, etc. | Web sockets do not have any overhead and hence suited for real-time communication. |
| For every HTTP request, a new TCP connection is set up. | There will be only one TCP connection and then the client and server can start communicating. |
| REST web services support both vertical and horizontal scaling. | Web socket-based services only support vertical scaling. |
| REST depends on HTTP methods to get the response. | Web Sockets depend on the IP address and port number of the system to get a response. |
| Communication is slower here. | Message transmission happens very faster than REST API. |
| Memory/Buffers are not needed to store data here. | Memory is required to store data. |
Ques 13. Can we implement transport layer security (TLS) in REST?
Yes, we can. TLS does the task of encrypting the communication between the REST client and the server and provides the means to authenticate the server to the client. It is used for secure communication as it is the successor of the Secure Socket Layer (SSL).
HTTPS works well with both TLS and SSL thereby making it effective while implementing RESTful web services. One point to mention here is, the REST inherits the property of the protocol it implements. So security measures are dependent on the protocol REST implements.
Ques 14. Should we make the resources thread safe explicitly if they are made to share across multiple clients?
There is no need to explicitly making the resources thread-safe because, upon every request, new resource instances are created which makes them thread-safe by default.
