login      my ps      about      contact  



home instructor-led training online training blogs


XML Nation » ROA vs GET/POST

ROA vs GET/POST

Bill deHora has a great response to one of my (somewhat) recent REST posts. The timing is perfect, because I've been thinking a lot about what I said in those posts. I've also just finished reading the RESTful Web Services book, which is the most useful technical book I've read in a while, and have been thinking a lot about what it says too (and talking about it with Craig). I've been mulling over a post for a couple of days, and Bill's post is the impetus I needed to share what I've been thinking.

In RESTful Web Services, the authors define and argue the merits of Resource Oriented Architecture. ROA maps directly to the REST-as-CRUD model for thinking of the world, where interaction with your system is modeled entirely in terms of create, read, update and delete operations against data resources. For data-centric services, like the del.icio.us service that they refactor in the book, this model makes a ton of sense.

But what if your problem domain is more focused on processes than data? As the authors show with their proposal for modeling transactions, you can map any process to ROA with the following steps (or ones like them):

  • PUT/POST to create a new process resource
  • PUT to update that resource to include the data it needs
  • PUT to execute that process
  • GET to fetch the result

This maps any process to a set of resources. From this perspective, my argument that HTTP is all about POST and everything else is an optimization or unnecessary doesn’t make sense.

So could I model all processes the ROA way? Undoubtedly yes. But, what’s the value of this over just doing a POST with the data I want to process and getting the result back? It’s much easier to implement that because I don’t need the build-up of the process resource to span multiple stateless requests. I don’t ask this rhetorically, I really want to understand why people think this approach to modeling processes is better. (This is especially true if core bits of network infrastructure don’t support PUT/DELETE and you end up having to tunnel them through POST anyway.)

Maybe the process perspective is just the wrong way to think about the world, but it’s where a lot of people’s heads are at, including almost all the SOA/WS folks out there. In looking at my own system, I see one interface that is obviously data-centric and fits easily into the ROA model. Another interface is very process oriented. Right now we’re doing it with GET for read and POST for write, and it works and people get it. While I can see how to map it into the ROA model, I’m still unclear on how it helps.

So, to summarize, Bill is right: you shouldn’t follow what I said in that earlier post. (I always reserve the right to get smarter, and I’m using that now.) I’m still debating between the full ROA vs. GET for read and POST for write (again, especially if I have to tunnel through POST anyway), I really need to build some more stuff and see how it plays out.

Posted Oct 19 2007, 12:51 PM by tim-ewald

Comments

Paul H. wrote re: ROA vs GET/POST
on 10-21-2007 3:07 PM
>>But, what’s the value of this over just doing a POST with the data I want to process and getting the result back?

You first need to break out of the process-as-procedure-call mindset ;-)

PUT/POST to create a new process instance resource
PUT to initialize the process instance state
PUT to initiate the execution of the process instance
GET to fetch the current state of the process instance

Processes are not procedure calls - processes are long-running business (for lack of a better term) "value chains" ... a process could take days, weeks, or years to complete (e.g., the order-handling process at Amazon typically spans days or weeks; the lifecycle management process for a physical business asset could span years) ... as such, querying for the current state of a process instance is a routine occurrence (e.g., checking "Where's My Stuff?" on Amazon).
Ali wrote re: ROA vs GET/POST
on 10-22-2007 8:37 PM
My limited understanding is that it (POST v PUT/DELETE) may very well vary by a particular scenario. I think you need to take into account whether any of the following provide any benefits for you:

1. Idempotency of PUT and DELETE. (eg. retry scenarios.)
2. It's understood that PUT allows the client to specify the URL.
3. It's understood that PUT replaces the resource entirely (rather than append or whatever through POST).

I'm finding the different semantics implied by 2 and 3 to be particularly handy. I'm not sure how well this addresses the process vs. data distinction you have in mind though.
Erik Johnson wrote re: ROA vs GET/POST
on 10-26-2007 8:22 AM
Like you and I have been saying for years now, the message *is* the task. I don't see the value in quibbling over the roles I've chosen for HTTP verbs, URIs, or the payload itself when it comes to defining business intent.

In my stuff, PUT went completely on the back burner in favor of POST. That wasn't because I failed to break out of the RPC mindset -- it was because GET/PUT imply payload symmetry. In other words, for a given URI, the message format for what I GET is not the same as the format for what I PUT even though both are directly related to the same resource.

I thought using PUT would run afoul of the spirit of RFC-2616, which says the resource you PUT somehow overwrites data with a new representation. Many applications need a little better semantic fidelity than GET/PUT the same block of data – although maybe not much. That’s why POST was put into HTTP in the first place.

Add a Comment

(required)  
(optional)
(required)  
Remember Me?


home instructor-led training online training blogs

781.749.9238 (East Coast) | 310.251.9901 (West Coast) | Pluralsight, LLC , 185 Lincoln St., Suite 305, Hingham, MA 02043-1741

Copyright © 2008 Pluralsight LLC. All rights reserved.

designed by nukeation