我们可以让 Restful webservice 有状态吗 [英] Can we make Restful webservice stateful
问题描述
我一直在阅读有关 Restful webservices is Stateless 的文章.我还可以看到,大多数基于 Soap 的 Web 服务也是无状态的,如果需要,可以使它们有状态,而使它们有状态将取决于实现.因此,如果基于soap 的网络服务是有状态的,那么会话ID 将随每个请求一起传递,以继续会话.
I have been reading about about Restful webservices being Stateless. I can also see that most of Soap based webservices are also stateless and can be made stateful if needed and making them stateful will depend on implementation. So if a soap based webservice is stateful then a session id will passed with every request, to continue with session.
我的疑问是为什么不能用 Restful webservices 做同样的事情,我想我应该能够实现一个 webservice,它可以继续使用相同的会话,其中 session id 由 Restful webservice 传递,使是有状态的.
My query is why can't same be done with Restful webservices, I think i should be able implement a webservice which can continue with same session where session id is passed by Restful webservice making is Stateful.
所以我的问题是,RestFul 网络服务是否只是一个带有指导方针的概念,不让它们成为有状态的?或者会在 Restful 网络服务库 [如 Jersey] 中进行检查以阻止人们这样做?
So my question is, Are RestFul webservices just a concept with a guideline not to make them stateful? or there will be checks in Restful webservice libraries [like Jersey ] to stop people from doing so?
推荐答案
REST 的无状态旨在确保应用程序具有良好的可扩展性.您可以添加状态,但需要权衡可扩展性.
The statelessness of REST is designed to ensure applications scale well. You can add state, but it's at a trade-off in scalability.
向 REST 添加状态的最常见原因之一是用于身份验证.一旦建立了安全连接,就可以向客户端发送安全 cookie.然后客户端将此 cookie 添加到会话的所有请求中.服务器维护状态,然后根据 cookie 在每个请求中加载该状态.
One of the most common reasons to add state to REST is for authentication. Once a secure connection is established, a secure cookie can be sent to the client. This cookie is then added by the client to all requests for the session. The server maintains state and then loads that state in with every request based on the cookie.
考虑一个简单的网页.如果您不维护状态,您可以设置一个反向代理,通过 URL 将页面缓存在内存中,并将该资源分发到多个服务器以进行加载.如果您现在将当前登录用户的名称添加到该网页,您将无法再缓存任何内容(至少在最基本的 HTTP 级别).现在只能使用身份验证 cookie 和 URL 的组合来缓存响应.
Consider a simple web page. If you are not maintaining state, you can put up a reverse proxy, cache the page in memory by URL, and distribute that resource across many servers for load. If you now add the name of the currently logged in user to that web page, you can no longer cache anything (at least at the most basic HTTP level). The response can now be cached only with a combination of the authentication cookie and the URL.
这篇关于我们可以让 Restful webservice 有状态吗的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
