[XML-DEV Mailing List Archive Home] [By Thread] [By Date] [Recent Entries] [Reply To This Message]

Re: SOAP-RPC and REST and security

• To: "Uther, James" <James.Uther@F...>
• Subject: Re: SOAP-RPC and REST and security
• From: Francis Norton <francis@r...>
• Date: Thu, 21 Feb 2002 15:27:10 +0000
• Cc: xml-dev@l...
• References: <30B026EA81B98D4082E2FD73B14CB812239712@f...>
• Reply-to: francis@r...
• User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.4) Gecko/20011019 Netscape6/6.2

Uther, James wrote:
 >
 > How is this different from REST, where an XML document of a
 > specified type may be POSTed to a URL and parsed there, probably by
 >  the same parser? Well, one difference is that SOAP adds a bunch of
 >  complexity with no benefit. That's never good for security.
 >
SOAP? All I said was Web Services. WSDL is the bit that maps XML Schema 
definitions to message types, and part of its complexity is that it 
includes the option of binding the message to HTPP GET or POST as well 
as to SOAP though the HTTP POST binding appears to map to a 
form-friendly, CGI-compatible name-value pair list rather than the 
structured request block that I need in my e-commerce apps.

See http://www.esynaps.com/WebServices/WhoIsService.asmx?op=WhoIs for 
some auto-generated documentation for a WSDL service, just to show 
*what* the WSDL is specifying.

Would a WSDL-specified service using HTTP POST or HTTP GET count as 
REST? If so (or even if not) would passing an XML request block via HTTP 
POST count as REST?

Francis.

• Follow-Ups:
  • Re: SOAP-RPC and REST and security
    • From: Paul Prescod <paul@p...>

• References:
  • RE: SOAP-RPC and REST and security
    • From: "Uther, James" <James.Uther@F...>

• Prev by Date: Re: Scatter/gather pattern [was: New XPipe Presentation Available]
• Next by Date: RE: Worse XML tools?
• Previous by thread: RE: SOAP-RPC and REST and security
• Next by thread: Re: SOAP-RPC and REST and security
• Index(es):
  • Date
  • Thread