Book Image

Building RESTful Web Services with Spring 5 - Second Edition

By : Raja CSP Raman, Ludovic Dewailly
Book Image

Building RESTful Web Services with Spring 5 - Second Edition

By: Raja CSP Raman, Ludovic Dewailly

Overview of this book

REST is an architectural style that tackles the challenges of building scalable web services. In today's connected world, APIs have taken a central role on the web. APIs provide the fabric through which systems interact, and REST has become synonymous with APIs.The depth, breadth, and ease of use of Spring makes it one of the most attractive frameworks in the Java ecosystem. Marrying the two technologies is therefore a very natural choice.This book takes you through the design of RESTful web services and leverages the Spring Framework to implement these services. Starting from the basics of the philosophy behind REST, you'll go through the steps of designing and implementing an enterprise-grade RESTful web service. Taking a practical approach, each chapter provides code samples that you can apply to your own circumstances.This second edition brings forth the power of the latest Spring 5.0 release, working with MVC built-in as well as the front end framework. It then goes beyond the use of Spring to explores approaches to tackle resilience, security, and scalability concerns. Improve performance of your applications with the new HTTP 2.0 standards. You'll learn techniques to deal with security in Spring and discover how to implement unit and integration test strategies.Finally, the book ends by walking you through building a Java client for your RESTful web service, along with some scaling techniques using the new Spring Reactive libraries.
Table of Contents (21 chapters)
Title Page
Copyright and Credits
Packt Upsell
Spring Security and JWT (JSON Web Token)

REST – a basic understanding

Contrary to popular belief, REST is not a protocol, but an architectural principle for managing state information. It's mainly used in web applications. REST was introduced by Roy Fielding to overcome implementation difficulties in SOAP. Roy's doctoral dissertation made for an easy way to retrieve data, regardless of the platform used. You will see all the components of RESTful web services in the following sections.

Uniform interface

In REST principles, all resources are identified by the Uniform Resource Identifier (URI).

HTTP REST resources are represented in some media types, such as XML, JSON, and RDF. Also, RESTful resources are self-descriptive, which means enough information is given to describe how to process the request.

In another REST principle, the clients interact with servers through hypermedia, which is dynamically provided by the servers. Other than endpoints, clients don't need to know how to interact with RESTful services. This principle is referred to as Hypermedia as the Engine of Application State (HATEOAS).

Client and server

By separating REST entities such as the client and server, we can reduce the complexity of REST principles, which will show clear boundaries between server and client. This decoupling will help developers concentrate on the client and server independently. Also, it will help to manage different roles for the client and server.


In REST principles, the server will not keep any state about the client session on the server side; hence, it's stateless. If two calls are made to the server from a single client, the server will not identify whether both the calls are from the same client or not. As far as the server knows, every request is independent and new. Based on the URL, HTTP headers, and request body, including the parameters, the operation might be changed on the server side.


With RESTful web services, a client can cache any response coming from the server. The server can mention how, and for how long, it can cache the responses. With the caching option, a client can use the responses instead of contacting the server again. Also, caching will improve scalability and performance by avoiding client-server interactions all the time.


This principle has significant advantages for scalability. Caching techniques will be discussed in Chapter 8, Performance.

Since REST typically leverages HTTP, it inherits all the caching properties that HTTP offers.

Layered system

By providing the layered system, a server can hide its identity. By doing this, clients won't know which server they are dealing with. This policy gives more security control by providing intermediate servers and supports the load-balancing feature, too. Also, intermediate servers can improve scalability and performance through load-balancing and shared caches.

Code on demand (COD)

Code on demand (COD) is considered an optional principle. Servers can extend the functionality of clients by transferring executable code. For example, JavaScript can be provided to web-based clients to customize the functionality. As code on demand reduces the visibility of the client side, this constraint is optional. Also not all APIs need this feature.

More on REST

In web applications, REST is typically used over HTTP. REST doesn't need to be tied to any specific protocol. In HTTP REST, we mainly use the GET, POST, PUT, and DELETE methods to change the state of the resources we access. Other HTTP methods, such as OPTIONS, HEAD, CONNECT, and TRACE, can be used for more advanced operations, for example, for caching and debugging purposes. Most servers have disabled advanced methods for security and simplicity reasons; however, you can enable them by adjusting the server configuration files. As JSON is used as a primary media type for major applications, we also use only the JSON media type for our web service calls.