Question

There is a growing shift toward using RESTful web services in the industry, despite the fact that SOAP is more secure and has built-in support for enterprise security features. How would you justify using RESTful web services for your company when the business requires you to provide more security for the services you develop?

Answer 1

There are several reasons which has led to the shift of web services from SOAP to RESTful webservices like :

> RESTful provide a number of different data formats to work with unlike SOAP which only provide XML.

> RESTful offers language like JSON to work with which offers one of the best support to browser clients

> RESTful is more effecient than SOAP since it uses smaller message formats unlike SOAP which uses only XML.

> RESTful is cost friendly too since it does not require any expensive tools to work with it.

> RESTful is often faster than SOAP.

One must use RESTful even if the comapny requires more security because there are several ways to increase security for you project while using RESTful these methods are:

> One must validate all the input on server and one must must protect its server from malicious attacks like NoSQL injection.

>One must never write any sensitive data in URL (Uniform resource locator) like password or username and everything must passed to web service using POST method.

> Whenever someone request for web services one must autheticate the user using session based authentication