REST 2.0 service binding

Use the REST 2.0 binding to access an information service through a simple HTTP interface and generate a response in either XML or JSON format. IBM® InfoSphere® Information Services Director supports GET, POST, PUT, and DELETE actions for the REST 2.0 binding.

When you attach a REST 2.0 binding, settings must be configured at the services level and operation level.

The REST 2.0 binding contains the following settings:

Description – Description of the binding.
Response Code Header option. Use this option to specify that service invocation errors must be returned as HTTP 200 responses.
If this property is set, any exception thrown by the service invocation is returned as an HTTP 200 response. The custom HTTP header, X-HTTP-Status-Override, will be set in the HTTP response to the actual HTTP status code (HTTP 500, by default).
Include this binding option. To exclude the binding from the deployment of the application that contains this information service, clear this setting.
Operation Bindings Default Settings
You set the default values to be used in operation bindings in the Operation Bindings Default Settings area. This provides you with the ability to set the value once at the service level for all operations. If you modify values in these fields, the operational binding configuration with the DEFAULT setting will then contain the newly specified value.
Important: When you change a field here at the service level, the change is propagated to the DEFAULT values in the operational bindings.

Format

You can select either the XML, JSON, or DYNAMIC format.

This setting specifies the required format of the REST 2.0 requests and responses. See Input argument encoding and Output argument encoding, below.

HTTP Action

You can select the HTTP GET, POST, PUT, or DELETE action for submitting a request to an information service provider.

This setting specifies the HTTP method that must be used when calling the service. See HTTP Methods, below.

Parameter Type

You can select BODY, URLEXTENDED, URLQUERY, or MULTIPART.

This setting specifies how service input argument values are encoded in the REST request. See Input argument encoding and Output argument encoding.
Security
You need to specify the security constraints for each service. The REST 2.0 binding uses these constraint definitions to properly define security constraints on the generated servlet and the corresponding service operation invocation URLs.

If authentication is required, HTTP basic authentication is used. If confidentiality is required, HTTPS is used and must be configured in the application server.
Requires Authentication

Specifies if authentication is required. If you select this option, HTTP basic authentication is used for the generated servlet.

Requires Confidentiality

Specifies if data confidentiality is required for service invocations. If you select this option, HTTPS is required to invoke any of the service operation.
REST 2.0 Settings in the pane for an operation.
In the REST 2.0 Settings area, you can use default values or specify another value for this particular operation.
Note: You set the default values at the Services level, in the Operation Bindings Default Settings area. When one of the default fields are changed at the service level, the value is automatically changed in the operational binding.

Format

You can select either DEFAULT, XML, JSON, or DYNAMIC format.

HTTP Action

You can select the DEFAULT, HTTP GET, POST, PUT, or DELETE action for submitting a request to an information service provider.

Parameter Type

You can select DEFAULT, BODY, URLEXTENDED, URLQUERY, or MULTIPART.
Operation Context
The default setting is <service-name>/<operation-name>. If you change the service name or operation name, the Operation Context value reflects the changes. This value will become a part of the URL that is used to invoke the service operation. The Operation Context value can be overwritten in the REST 2.0 Settings operation binding properties. See Calling the service by using REST, below.

For each service operation, the combination of its operation context (default or custom) and its HTTP method must be unique across all operations of all services contained in the application. As a result, it is possible for two service operations to be invoked by using the same URL, provided that a different HTTP method is used for each of them. For example, The getCustomer operation is exposed by using the /marketing/customers/customer URL and a GET HTTP method and the deleteCustomer operation is exposed using the same /marketing/customers/customer URL and a DELETE HTTP method.
Restriction: There is a restriction if you use the same operation context (same URL) to invoke different operations. If a given operation context is used with an HTTP PUT or DELETE method, there can be only one other operation using the same operation context and it must use the HTTP GET method. Because HTTP PUT and DELETE methods can be both tunneled through an HTTP POST by simply using the X-HTTP-Method-Override as part of the HTTP request, it might become difficult to identify the correct method to call, and there might be security issues.
Pass-through mechanisms
The REST 2.0 binding supports a pass-through mechanism both for input and output arguments. Using this mechanism, the service operation can receive the content of the HTTP request body “as is” and perform its own decoding logic and it can perform its own encoding logic on the result and pass it back as the content of the HTTP response body.
Input pass through

If you select this option, the service operation must have only one string input argument, the Parameter Type set to BODY and the associated HTTP method must be POST or PUT. In this case, the content of the HTTP request body is provided “as is” (no decoding or pass-through from the REST 2.0 binding perspective) to the service operation string input argument.

Output pass through
If you select this option, the service operation must return only one string value. The associated HTTP method can be GET, POST, PUT or DELETE. In this case, the content of the HTTP response body is directly set by using the service operation returned string value (no encoding, pass-through from the REST 2.0 binding point of view). The Content-Type header of the HTTP response is set according to the Format configuration:
- Set to application/xml if the Format value is XML. The service operation is assumed to return an XML document.
- Set to application/json if the Format value is JSON. The service operation is assumed to return an JSON string.
- Set to application/xml or application/json if the Format value is DYNAMIC. The value of the Accept header is checked first. If application/xml and application/json are missing from the Accept header, then check the first character of the returned string: if it is a "less than" character, <, then application/xml is used, if it is an open curly brace, {, then application/json is used.
Style Sheet File
You can specify an XSLT style sheet for use by the REST 2 binding. Click Browse to browse your local system for a file to upload. The XSLT field is available only when the selected Operation format is XML or Default and the Service format is specified as XML. If you include an XSLT style sheet file, a processing instruction referencing this style sheet is added to the XML responses, which allows consumers of the service (for example, a Web browser) to automatically apply the style sheet on the response.

Input argument encoding

The encoding of the service operation input arguments is driven by two operation level REST 2.0 properties: Parameter Type and Format.

Parameter Type specifies which part of the HTTP request will hold the input arguments. Depending on the Parameter Type value, the Format value might then be used to further specify how the input arguments must be encoded. Valid values for Parameter Type are: URLQUERY, URLEXTENDED, BODY or MULTIPART.

URLQUERY

URLQUERY is supported only for GET and DELETE HTTP methods and only if all the service input arguments are scalar values (integer, float, boolean, string, etc). The service input arguments must be encoded in the URL query string using the standard URL parameter encoding mechanism:

http://servername:port/wisd-rest2/<application-name>/<OperationContext>?arg1=value1&arg2=value2

The name of the URL parameters (arg1, arg2 in the example above) must match the name of the corresponding operation input argument.

URLEXTENDED

URLEXTENDED is supported only for GET and DELETE HTTP methods and only if all the service input arguments are scalar values (integer, float, boolean, string, etc). The service input arguments must be provided as part of the URL extended path:

http://servername:port/wisd-rest2/<application-name>/<OperationContext>/arg1Value/arg2Value

As the argument names are not specified, the arguments must be provided in the same order as defined in the operation signature.

BODY

BODY is supported only for POST and PUT HTTP methods and for any kind (scalar or complex) and number of service input arguments. The service input arguments must be provided in the HTTP request body and encoded in JSON or XML according to the Format value. See XML format and JSON format, below.

MULTIPART

MULTIPART is supported only for POST and PUT HTTP methods and for service operations with scalar only input arguments. The HTTP request must provide one part for each input argument with a name – name attribute of the Content-Dispostion header of the part, for example, Content-Disposition: form-data; name="arg1" – matching the name of the corresponding operation input argument. Each part must contain the scalar value “as is” (no XML or JSON encoding).

Input argument format

The operation-level Format property that you configure in REST 2.0 Settings specifies the input argument encoding format for HTTP POST and PUT requests with a BODY parameter type as the arguments must be provided as part of the HTTP body. See Operation Bindings Default Settings, above.

XML: If XML is used, the input arguments must be XML encoded and supplied in the HTTP request body.
JSON: If JSON is used, the input arguments must be JSON encoded and supplied in the HTTP request body.
DYNAMIC: If Dynamic is used, the format can be different at each service invocation. The input arguments must be encoded in XML or JSON following the same rule as defined in the XML Format and JSON Format sections and the Content-Type header of the HTTP request must be set accordingly to application/xml or application/json. The REST 2.0 binding uses the Content-Type header value to determine the expected encoding format.

Output argument encoding

The encoding of the service operation output argument is driven by the operation level Format property. See Operation Bindings Default Settings, above. The output argument encoding is independent from the HTTP method that is used for the HTTP request (GET, POST, PUT or DELETE). The encoded output argument is supplied as part of the HTTP response body.

Output argument Format values

The operation-level Format property you configure in REST 2.0 Settings specifies the output arguments encoding format. Valid values for Format are: XML, JSON, and DYNAMIC.

XML: If XML is used, the output argument is XML-encoded and returned in the HTTP response body. The HTTP response Content-Type header is also set to application/xml.
JSON: If JSON is used, the output argument is JSON-encoded and returned in the HTTP response body. The HTTP response Content-Type header is also set to application/json.
DYNAMIC: If Dynamic is used, the client must include the application/xml or application/json content type in the Accept header of the HTTP request. The REST 2.0 binding uses the Accept header value to figure out how the HTTP response must be encoded and to properly set the Content-Type header. If the Accept header is missing or does not contain a valid content type (either application/xml or application/json), an HTTP Status 400® error is returned.

HTTP methods

Each service operation is associated with only one HTTP method. Clients must use the specified HTTP method in order to be able to call the corresponding service operation.

Due to the parameter encoding limitations of the GET and DELETE HTTP methods (parameters must be encoded as part of the URL), these methods can only be used for service operation without input arguments or with only scalar input arguments.

For service operations associated with PUT and DELETE HTTP methods, clients can use an HTTP POST to invoke these operations providing that they set the X-HTTP-Method-Override header of the HTTP request to the intended HTTP method (PUT or DELETE). This PUT/DELETE tunneling mechanism through POST is always enabled. For any HTTP POST request, if the X-HTTP-Method-Override header is set, then the HTTP method overwrite will take place. If the X-HTTP-Method-Override header is set to something other than PUT or DELETE, an HTTP 400 error (SC_BAD_REQUEST) is returned.

Calling the service by using REST

After you deploy your service, the service can be called by using the proper URL format and argument encoding.

URL Format

Each service operation is uniquely identified through the REST 2.0 binding by its URL and the HTTP method it is associated with. By default, the URL used to invoke each service operation is as follows:

http://servername:port/wisd-rest2/<application-name>/<OperationContext>

Note: OperationContext defaults to <service-name>/<operation-name> unless overwritten in the REST 2.0 Settings operation binding properties

XML format

Service requests encoded in XML are composed as follows:

An XML root element enclosing all the input arguments (if any). The name of this root element can be anything. The REST 2.0 binding does not enforce any constraints on the name of the root element.
Each input arguments (if any) are encoded using an XML subelement of the root element and named after the name of one of the input arguments of the operation.

Service responses encoded in XML are composed as follows:

An XML root element called “results” directly containing the operation returned value.
If the service operation does not return anything (void), an empty XML results element is used.
The operation returned values is directly enclosed in the results root element. For example, if the operation returns a scalar value, an XML text node with that value is directly enclosed under the results root element.

Scalar data types: Scalar data types, or Java™ primitive types, are all encoded as XML text nodes (strings in the XML document). The value of the XML text node is the value returned by the Java toString() method for each of the primitive types. The only exception is for the java.util.Calendar type: the text node value is the date formatted in the ISO 8601 format: yyyy-MM-dd'T'HH:mm:ss.SSSZ.
Complex data types: For complex data types, a JavaBean instance is encoded into an XML chunk with each property (attribute) of the JavaBean encoded as an XML element in that chunk and named after the JavaBean property name.
Arrays: Java arrays are encoded as XML unbounded sequences. By default, there is enclosing XML element generated to hold all the array items. Array items are encoded like any other non array JavaBean attribute or service operation input argument, except that there is one XML element for each item of the array.

JSON format

Service requests encoded in JSON are composed of a single JSON object with one attribute for each service operation input argument. The name of these attributes must match the name of one of the input arguments of the operation. If the service operation does not have any input arguments, an empty JSON object must be provided: {}.

Service responses encoded in JSON are composed of a single JSON object with a single attribute called “results” holding the service operation returned value. If the service operation returns void, a null results JSON object is returned: {“results”:null}.

Scalar data types

The following table shows the list of supported scalar data types and the corresponding JSON format.

Table 1. Scalar data types and JSON format
Scalar Data Type	JSON Format
boolean	true or false
byte	Number
double	Number
float	Number
int	Number
java.lang.Boolean	true or false
java.lang.Byte	Number
java.lang.Double	Number
java.lang.Float	Number
java.lang.Integer	Number
java.lang.Long	Number
java.lang.Short	Number
java.lang.String	String
java.math.BigDecimal	Number
java.math.BigInteger	Number
java.util.Calendar	Object representing a JavaScript Calendar: {"date":26,"day":4,"hours":15,"minutes":38, "month":1,"seconds":6, "time":1235659086302, "timezoneOffset":-60,"year":109}
long	Number
short	Number

Complex data type

A JavaBean instance is encoded into a JSON object with each property (attribute) of the JavaBean encoded as an attribute of the JSON object and named after the JavaBean property name.

Arrays

Java arrays are encoded as JSON arrays. Each element of the array is encoded as specified in Table 1, above. There is one exception to this rule for byte arrays (byte[]). In this case, the byte array is base64-encoded and is handled as a JSON String.

Error handling

By default, if any Java exception is thrown by the service operation being invoked, the REST 2.0 binding returns an HTTP 500 (Internal Server Error) response with the exception details encoded in the HTTP response body in XML or JSON format.

An example XML exception is:

<?xml version="1.0" encoding="UTF-8"?>
<exception xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
	xmlns:java="http://java.sun.com">
<errorcode>[error code]</errorcode>
<stacktrace>[The exception stack trace]</stacktrace>
<classname>[The exception class name]</classname>
<requestURI>[The URI of the original request]</requestURI>
</exception>

An example JSON exception return is:

{"results":{"errorcode":"[error code]",
"stacktrace":"[The exception stack trace]",
"classname":"[The exception class name]",
"requestURI":"[The URI of the original request]"}}