Welcome!

Java Authors: Esmeralda Swartz, Roger Strukhoff, Carmen Gonzalez, Trevor Parsons, Pat Romanski

Related Topics: SOA & WOA, Java

SOA & WOA: Article

The Right End of REST

REST is all about distributed hypermedia applications. They’re the point of REST.

One of our Licensed ZapThink Architects, Michael Poulin, struggled with our recent ZapFlash, Where is the SOA in REST-Based SOA? In a forum post, Poulin asked:

If we have a UI that works with the middle- and back-end resources, do we care if … REST or Web Services are used behind the UI? If [the] UI all of a sudden becomes the orchestrator on its own (which contradicts the essence of Service with interfaces where one of [them is the] UI), how [may the] UI journey/workflow … be attributed to the communication channels - REST calls - running behind it? What constitute[s] “A REST application” … and how [does it differ] from non-REST application[s], especially from the architecture perspective? Where [is] the Architecture and where [is] the architecture Implementation?

Poulin is not alone in his confusion. The topic of REST is a minefield: it seems that most people don't understand it, even when they write authoritatively on the subject. And the true authoritative source, Dr. Roy Fielding, speaks in the precise yet obscure prose of an academic, often sowing as much confusion as he does clarity. And yet, the answers lie in Fielding's explanations, even though studying them feels a bit like sitting at the feet of the Buddha, hoping for enlightenment.

Unraveling REST
Let's begin with Wikipedia, a source Fielding bemoans as being a poor substitute for truth. Be that as it may, it's an expedient starting point. Wikipedia defines REST as "a style of software architecture for distributed hypermedia systems such as the World Wide Web." I always thought this definition was rather silly: after all, how many distributed hypermedia systems can you think of other than the Web? But in fact, this definition leads us to the answers to both of Poulin's core questions: first, what constitutes a REST application, and second, where is the architecture and where is its implementation?

Of course, Fielding's precise definition of REST differs from the Wikipedia simplification. According to Fielding, "the Representational State Transfer (REST) style is an abstraction of the architectural elements within a distributed hypermedia system." And therein lies the key to Poulin's second question: REST is an abstraction.

Of course, abstractions are nothing new-they are the basic tool of any architect, and a topic ZapThink has spoken about numerous times. But most people don't quite grok just how abstract REST is. For example, do you think that REST is HTTP-specific? No, it's not. It deals with abstracted hypertext protocols, of which HTTP is the most familiar. Does REST call for uniform interfaces consisting of GET, POST, PUT, and DELETE operations? No again. Those are examples of uniform interface operations, but REST itself doesn't specify them, other than an abstracted GET operation. And of course, resources are abstractions of server capabilities or entities, not the capabilities or entities themselves, while representations are abstractions of media type instances, not the instances themselves. Even the terms "client" and "server" are abstractions: a REST client may actually run on a physical server, and a REST server may serve as a client. In fact, there's nothing "client/server" about REST.

So when Wikipedia uses the phrase "a style of software architecture for distributed hypermedia systems such as the World Wide Web," it's pointing out that REST applies constraints to abstracted distributed hypermedia systems, of which the Web is only the most familiar example.

Confused yet? You're not alone, and that's the point. Architects look at the level of abstraction behind REST and wonder, "how can this mess be useful?" while developers look at it and think, "OK whatever, let's build a RESTful API and go from there." At that point, the architects take off their architect hats and dive into the technical details alongside the coders. The result? A lot of noise and confusion, ostensible RESTful APIs that are not really RESTful at all, and the mistaken belief that you can comply with some of the REST architectural constraints but not all of them, and still be doing some kind of REST.

And that brings us to Poulin's first question: what is a REST application anyway?

REST Applications: More than Bricks & Mortar
A REST application is a distributed hypermedia application, of course - something you apply a distributed hypermedia system to in order to accomplish some goal. Easy to say, but deceptively difficult to understand, until you realize that REST is all about distributed hypermedia applications. They're the point of REST. If you think you're "doing" REST without the goal of building a distributed hypermedia application, you're missing the point of REST entirely.

Unfortunately, most people who are trying to do REST, simply put, are missing the point of REST entirely!

It's as though we're trying to build a brick building, so we hire an architect who comes up with plans for a brick building. But we look at the plans and we don't really understand them, but we know we want to build with bricks, so we spend all our time figuring out the best way to mix mortar. Once we've come up with really good mortar, we convince ourselves we know how to build the building, even though we still don't understand the plan.

That's the state of REST today. People look at REST's four architectural constraints, and say, hmm, I don't understand the fourth one - Hypermedia as the Engine of Application State (HATEOAS). But I think I can figure out the bits about resources and representations. What they're failing to realize is the hypermedia bit is the point of what they're doing, just as actually building the building according to plan is the point of the mortar.

The mortar-first approach to REST has been institutionalized in the form of the Richardson Maturity Model, which suggests that HATEOAS is at the highest level of maturity, and it's perfectly fine to start at the lower levels and work your way up. In other words, it's fine to start construction once you have good mortar; you'll figure out the plan eventually. Clearly, that's no way to build a house!

The Right End of REST
What is it about HATEOAS that's so difficult? State engines? Computer Science 101, puhleeze. Hypermedia? Not really that confusing, either. After all, hypertext is just a document with links in it to other documents, and by generalizing hypertext to the term hypermedia, we're simply allowing for media other than HTML documents and the like. After all, a video or sound file could have a link in it, right? So, where's the confusion?

The confusion lies in the second letter A - application. As in distributed hypermedia application. The point of REST, remember? The architectural starting point for any implementation that REST constraints are appropriate for is the design of the hypermedia application that meets the given business requirements. If you look at the business requirements, and your expertise as an architect tells you that a distributed hypermedia application isn't the right thing to build, then don't use REST.

On the other hand, a distributed hypermedia application might be just the ticket. The next question you should ask is: how dynamic should this application be? In other words, what agility does the business require? Put the analysis that provides the answer to that question in your Agility Model. Then let the Agility Model - not the Richardson Maturity Model - guide your design.

RESTful Agility Levels
To illustrate the agility levels for distributed hypermedia applications that should frame your Agility Model, let's work through some concrete examples. As you go through these levels, compare them to the Richardson model.

Level 1: Static hypermedia application, consisting of a set of static Web pages containing nothing but HTML, interconnected by links. Not particularly agile. Is it REST? Yes, but in a very simplistic way. Does it meet your requirements? Probably not. (Level 1 is good enough for our ZapFlashes, however, in case you hadn't noticed.)

Level 2: Hypermedia application consisting of static Web pages that contain HTML and client-side JavaScript (no funky Ajax or the like). Pages link to each other, and the links may be dynamic, based upon client-side logic in the JavaScript.

Level 3: Hypermedia application consisting of dynamic Web pages built on the fly on the Web server, using php or Java Server Pages or whatever server scripting environment floats your boat. Pages link to each other, but the links may be dynamic, based upon server-side logic.

Level 4: Hypermedia application consisting of a set of dynamic representations that conform to a variety of media types (HTML documents, XML documents, images, video, you name it), where those representations have links to other representations, and furthermore, the links may be dynamic, based upon client-side or server-side logic or both, as appropriate.

Once you have determined the agility requirements for your application, now you may think about how best to implement its components - the hyperlinked representations. Answering that question finally leads you to a consideration of the resources that generate those representations. But you don't start with the resources, you start with the hypermedia application. You finish with the resources.

The ZapThink Take
The examples in the agility levels above are just that: examples. Particular implementation decisions that may be appropriate for a given situation. The architecture, however, is the overall, best practice-driven approach for beginning with the business challenge and working through the levels of abstraction to come up with a working implementation at the end. As an architectural style, REST is simply a set of constraints on the architecture: one way of doing things that makes it easier to solve certain problems. The architect must decide whether REST or any other style is appropriate for the problem at hand, but if you choose REST, then you must begin with the distributed hypermedia application you wish to build.

Hopefully I've answered Poulin's questions (I'm sure he'll let us know if I haven't). But there's still a part of his post left to address. If you read to the end, you'll see he wonders what happened to ZapThink. Well, Michael, we're a part of a larger company now, to be sure, but I'm still here, and I continue to do my best to push the envelope of architectural understanding. That's why we continue to update our Licensed ZapThink Architect course, which is now at version 9, and includes expanded content on REST-Based SOA, as you might expect. We hope to see you in a future class - and if you're in the Washington DC area, please come to our ZapForum networking event on October 12th and meet the "new" ZapThink. RSVP to z[email protected] if you'd like to join us!

More Stories By Jason Bloomberg

Jason Bloomberg is the leading expert on architecting agility for the enterprise. As president of Intellyx, Mr. Bloomberg brings his years of thought leadership in the areas of Cloud Computing, Enterprise Architecture, and Service-Oriented Architecture to a global clientele of business executives, architects, software vendors, and Cloud service providers looking to achieve technology-enabled business agility across their organizations and for their customers. His latest book, The Agile Architecture Revolution (John Wiley & Sons, 2013), sets the stage for Mr. Bloomberg’s groundbreaking Agile Architecture vision.

Mr. Bloomberg is perhaps best known for his twelve years at ZapThink, where he created and delivered the Licensed ZapThink Architect (LZA) SOA course and associated credential, certifying over 1,700 professionals worldwide. He is one of the original Managing Partners of ZapThink LLC, the leading SOA advisory and analysis firm, which was acquired by Dovel Technologies in 2011. He now runs the successor to the LZA program, the Bloomberg Agile Architecture Course, around the world.

Mr. Bloomberg is a frequent conference speaker and prolific writer. He has published over 500 articles, spoken at over 300 conferences, Webinars, and other events, and has been quoted in the press over 1,400 times as the leading expert on agile approaches to architecture in the enterprise.

Mr. Bloomberg’s previous book, Service Orient or Be Doomed! How Service Orientation Will Change Your Business (John Wiley & Sons, 2006, coauthored with Ron Schmelzer), is recognized as the leading business book on Service Orientation. He also co-authored the books XML and Web Services Unleashed (SAMS Publishing, 2002), and Web Page Scripting Techniques (Hayden Books, 1996).

Prior to ZapThink, Mr. Bloomberg built a diverse background in eBusiness technology management and industry analysis, including serving as a senior analyst in IDC’s eBusiness Advisory group, as well as holding eBusiness management positions at USWeb/CKS (later marchFIRST) and WaveBend Solutions (now Hitachi Consulting).

@ThingsExpo Stories
SYS-CON Events announced today that SOA Software, an API management leader, will exhibit at SYS-CON's 15th International Cloud Expo®, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. SOA Software is a leading provider of API Management and SOA Governance products that equip business to deliver APIs and SOA together to drive their company to meet its business strategy quickly and effectively. SOA Software’s technology helps businesses to accelerate their digital channels with APIs, drive partner adoption, monetize their assets, and achieve a...
Samsung VP Jacopo Lenzi, who headed the company's recent SmartThings acquisition under the auspices of Samsung's Open Innovaction Center (OIC), answered a few questions we had about the deal. This interview was in conjunction with our interview with SmartThings CEO Alex Hawkinson. IoT Journal: SmartThings was developed in an open, standards-agnostic platform, and will now be part of Samsung's Open Innovation Center. Can you elaborate on your commitment to keep the platform open? Jacopo Lenzi: Samsung recognizes that true, accelerated innovation cannot be driven from one source, but requires a...
P2P RTC will impact the landscape of communications, shifting from traditional telephony style communications models to OTT (Over-The-Top) cloud assisted & PaaS (Platform as a Service) communication services. The P2P shift will impact many areas of our lives, from mobile communication, human interactive web services, RTC and telephony infrastructure, user federation, security and privacy implications, business costs, and scalability. In his session at Internet of @ThingsExpo, Robin Raymond, Chief Architect at Hookflash Inc., will walk through the shifting landscape of traditional telephone a...
From a software development perspective IoT is about programming "things," about connecting them with each other or integrating them with existing applications. In his session at @ThingsExpo, Yakov Fain, co-founder of Farata Systems and SuranceBay, will show you how small IoT-enabled devices from multiple manufacturers can be integrated into the workflow of an enterprise application. This is a practical demo of building a framework and components in HTML/Java/Mobile technologies to serve as a platform that can integrate new devices as they become available on the market.
SYS-CON Events announced today that Matrix.org has been named “Silver Sponsor” of Internet of @ThingsExpo, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Matrix is an ambitious new open standard for open, distributed, real-time communication over IP. It defines a new approach for interoperable Instant Messaging and VoIP based on pragmatic HTTP APIs and WebRTC, and provides open source reference implementations to showcase and bootstrap the new standard. Our focus is on simplicity, security, and supporting the fullest feature set.
BSQUARE is a global leader of embedded software solutions. We enable smart connected systems at the device level and beyond that millions use every day and provide actionable data solutions for the growing Internet of Things (IoT) market. We empower our world-class customers with our products, services and solutions to achieve innovation and success. For more information, visit www.bsquare.com.
How do APIs and IoT relate? The answer is not as simple as merely adding an API on top of a dumb device, but rather about understanding the architectural patterns for implementing an IoT fabric. There are typically two or three trends: Exposing the device to a management framework Exposing that management framework to a business centric logic • Exposing that business layer and data to end users. This last trend is the IoT stack, which involves a new shift in the separation of what stuff happens, where data lives and where the interface lies. For instance, it’s a mix of architectural style...
SYS-CON Events announced today that Utimaco will exhibit at SYS-CON's 15th International Cloud Expo®, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Utimaco is a leading manufacturer of hardware based security solutions that provide the root of trust to keep cryptographic keys safe, secure critical digital infrastructures and protect high value data assets. Only Utimaco delivers a general-purpose hardware security module (HSM) as a customizable platform to easily integrate into existing software solutions, embed business logic and build s...
SYS-CON Events announced today that Red Hat, the world's leading provider of open source solutions, will exhibit at Internet of @ThingsExpo, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Red Hat is the world's leading provider of open source software solutions, using a community-powered approach to reliable and high-performing cloud, Linux, middleware, storage and virtualization technologies. Red Hat also offers award-winning support, training, and consulting services. As the connective hub in a global network of enterprises, partners, a...
Internet of @ThingsExpo Silicon Valley announced on Thursday its first 12 all-star speakers and sessions for its upcoming event, which will take place November 4-6, 2014, at the Santa Clara Convention Center in California. @ThingsExpo, the first and largest IoT event in the world, debuted at the Javits Center in New York City in June 10-12, 2014 with over 6,000 delegates attending the conference. Among the first 12 announced world class speakers, IBM will present two highly popular IoT sessions, which will take place November 4-6, 2014 at the Santa Clara Convention Center in Santa Clara, Calif...
Connected devices are changing the way we go about our everyday life, from wearables to driverless cars, to smart grids and entire industries revolutionizing business opportunities through smart objects, capable of two-way communication. But what happens when objects are given an IP-address, and we rely on that connection, sometimes with our lives? How do we secure those vast data infrastructures and safe-keep the privacy of sensitive information? This session will outline how each and every connected device can uphold a core root of trust via a unique cryptographic signature – a “bir...
Almost everyone sees the potential of Internet of Things but how can businesses truly unlock that potential. The key will be in the ability to discover business insight in the midst of an ocean of Big Data generated from billions of embedded devices via Systems of Discover. Businesses will also need to ensure that they can sustain that insight by leveraging the cloud for global reach, scale and elasticity.
WebRTC defines no default signaling protocol, causing fragmentation between WebRTC silos. SIP and XMPP provide possibilities, but come with considerable complexity and are not designed for use in a web environment. In his session at Internet of @ThingsExpo, Matthew Hodgson, technical co-founder of the Matrix.org, will discuss how Matrix is a new non-profit Open Source Project that defines both a new HTTP-based standard for VoIP & IM signaling and provides reference implementations.

SUNNYVALE, Calif., Oct. 20, 2014 /PRNewswire/ -- Spansion Inc. (NYSE: CODE), a global leader in embedded systems, today added 96 new products to the Spansion® FM4 Family of flexible microcontrollers (MCUs). Based on the ARM® Cortex®-M4F core, the new MCUs boast a 200 MHz operating frequency and support a diverse set of on-chip peripherals for enhanced human machine interfaces (HMIs) and machine-to-machine (M2M) communications. The rich set of periphera...

SYS-CON Events announced today that Aria Systems, the recurring revenue expert, has been named "Bronze Sponsor" of SYS-CON's 15th International Cloud Expo®, which will take place on November 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Aria Systems helps leading businesses connect their customers with the products and services they love. Industry leaders like Pitney Bowes, Experian, AAA NCNU, VMware, HootSuite and many others choose Aria to power their recurring revenue business and deliver exceptional experiences to their customers.
The Internet of Things (IoT) is going to require a new way of thinking and of developing software for speed, security and innovation. This requires IT leaders to balance business as usual while anticipating for the next market and technology trends. Cloud provides the right IT asset portfolio to help today’s IT leaders manage the old and prepare for the new. Today the cloud conversation is evolving from private and public to hybrid. This session will provide use cases and insights to reinforce the value of the network in helping organizations to maximize their company’s cloud experience.
The Internet of Things (IoT) is making everything it touches smarter – smart devices, smart cars and smart cities. And lucky us, we’re just beginning to reap the benefits as we work toward a networked society. However, this technology-driven innovation is impacting more than just individuals. The IoT has an environmental impact as well, which brings us to the theme of this month’s #IoTuesday Twitter chat. The ability to remove inefficiencies through connected objects is driving change throughout every sector, including waste management. BigBelly Solar, located just outside of Boston, is trans...
SYS-CON Events announced today that Matrix.org has been named “Silver Sponsor” of Internet of @ThingsExpo, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Matrix is an ambitious new open standard for open, distributed, real-time communication over IP. It defines a new approach for interoperable Instant Messaging and VoIP based on pragmatic HTTP APIs and WebRTC, and provides open source reference implementations to showcase and bootstrap the new standard. Our focus is on simplicity, security, and supporting the fullest feature set.
Predicted by Gartner to add $1.9 trillion to the global economy by 2020, the Internet of Everything (IoE) is based on the idea that devices, systems and services will connect in simple, transparent ways, enabling seamless interactions among devices across brands and sectors. As this vision unfolds, it is clear that no single company can accomplish the level of interoperability required to support the horizontal aspects of the IoE. The AllSeen Alliance, announced in December 2013, was formed with the goal to advance IoE adoption and innovation in the connected home, healthcare, education, aut...
SYS-CON Events announced today that Red Hat, the world's leading provider of open source solutions, will exhibit at Internet of @ThingsExpo, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Red Hat is the world's leading provider of open source software solutions, using a community-powered approach to reliable and high-performing cloud, Linux, middleware, storage and virtualization technologies. Red Hat also offers award-winning support, training, and consulting services. As the connective hub in a global network of enterprises, partners, a...