An organization is creating a set of new services that are critical for their business. The project team prefers using REST for all services but is willing to use SOAP with common WS-* standards if a particular service requires it.
What requirement would drive the team to use SOAP/WS-* for a particular service?
SOAP would be used if the service must secure the service, requiring all consumers to submit a valid SAML token. While REST can potentially support SAML tokens, SOAP with WS-Security standards is more robust and well-established for handling such security requirements. Therefore, in scenarios where strict security protocols like SAML tokens are mandatory, SOAP would be the preferred choice.
It is more closure to D.
A. Must secure the service, requiring all consumers to submit a valid SAML token
A. SAML will force SOAP. SAML with REST specifications are still in approval process. SOAP WS Standards with SAML are quite well understood and used. Cannot be D because REST also has a schema that request response should adhere to. Just different format than XML Schemas. D would not mandate SOAP.
Sounds like B is the most appropriate Because WS-ReliableMessaging includes acknowledgment and retry as part of the protocol A. SAML is “possible” with REST C. Specifications and formats can be provided in REST D. No restriction for XML/REST
REST – Assumes the application deals with communication failures via application retries SOAP with WS-ReliableMessaging – Builds acknowledgement/retry logic into the communications stack – Can provide end-to-end reliability through one or more SOAP intermediaries
My answer is A. WS Security can be implemented using SAML. https://www.ibm.com/docs/en/app-connect/11.0.0?topic=security-ws