Jon Udell urges the REST movement to not dismiss SOA. Specifically …
Now that the benefits of REST are abundantly clear, it’s time to circle back and ask when REST isn’t sufficient. The answer is that we’ll need the kinds of capabilities WS-* provides as our point-to-point, client/server-like applications evolve into webs of communicating services.
Yes, absolutey, we’ll need the capabilities that the WS-* stack provides (for the most part). But do we need the WS-* stack itself to provide those capabilities? I’m certainly all for trying to reuse existing specs where that makes sense. The issue though, is that with most of them, they explicitly or implicitly require disregarding a key contraints of REST, disrespecting Web architecture, or both. WSDL’s probably the poster child for this, as its raison d’etre is primarily to encourage rejection of REST’s uniform interface.
The good news is that not all of the Web services specs have this problem. Some off the top of my head that I consider more or less workable on the Web (not to suggest that they’re otherwise without fault, and also not to suggest I’ve had a serious look at every spec out there, even these) include SOAP, WS-Security, and SAML. If that’s what Jon has in mind, then we’re good to go. But if he was thinking about the likes of UDDI, the various reliability specs, transactions, etc.., I’d have to disagree with him. We need capabilities provided by solutions which were built with the Web and REST in mind, like those of the Semantic Web and ARRESTED.