Web Things, by Mark Baker

Via Steve, a link to an article on Where HTTP Fails SOAP.

My comments…

Simple Web browsers have been the de facto HTTP client to date, and they are in essence single-threaded clients as far as the server is concerned, making only one request at a time over a given connection.

Hmm, that might have been so in the very early days, but browsers have used multiple outgoing connections for some time. I just checked Firefox, and its property for this – network.http.max-connections-per-server – has a default value of “8”.

Also, if you’ve ever written one, a browser is far from “simple”. In fact, the most complex code I’ve ever worked on was a browser.

To back up its claim that SOAP/HTTP can’t scale in some circumstances, the article describes a scenario;

For example, assume we have an online banking system with support for up to 4000 concurrent users. The Web tier comprises a cluster of application server instances behind a hardware HTTP load balancer. In order to fulfill the online banking business function, there are three Unix-hosted services and a mainframe-hosted service utilized by the application server. In a world where SOAP/HTTP is the only protocol, the application server will have to support an incoming connection from the browser, and one additional connection out to each of the four back-office services for each concurrent user. This is because HTTP demands that you wait for a response before you send your next request over that same connection. It has no concept of a request identifier, which is a core requirement to enable connection sharing.

First, what’s so hard about 8000 (or even 10000) connections? Second, HTTP doesn’t demand that you “wait for a response before you send your next request”, all it requires is that the server not send a response to a request before the responses to previous requests are sent. But a smart Web server could facilitate processing of requests in parallel in some situations. And thirdly, who’s to say this has to be synchronously, and some AJAX couldn’t spice up the UI to save on long-lived connections?

That’s not to say that I disagree with their conclusion that “a standards-based protocol that allows for request interleaving is needed”. Indeed, I do agree with them. It’s just tricky to deploy, as the community discovered when the ability to remove this constraint from HTTP was specified. As it turns out, extensions which require the reimplementation of both client and server connectors don’t get much love – go figure!

What’s needed is a replacement protocol. And any which provided the value of HTTP, but without this ordering restriction, would be fine with me.

Unfortunately, they mis-read the HTTP spec when summing up;

This problem has been solved in the past with connection concentrators, but because we cannot interleave HTTP POST requests, HTTP-based communication cannot be concentrated. Clearly, HTTP is not capable of scaling in such an environment.

Nope. What the spec says regarding pipelining and POST is;

   Clients SHOULD NOT pipeline requests using non-idempotent methods or
   non-idempotent sequences of methods (see section 9.1.2). Otherwise, a
   premature termination of the transport connection could lead to
   indeterminate results. A client wishing to send a non-idempotent
   request SHOULD wait to send that request until it has received the
   response status for the previous request.

That’s “SHOULD NOT”, not “MUST NOT”, and the reason is to avoid the partial failure problems that would result from the pipelining of non-idempotent/unsafe requests. It’s not a matter of interop.

And FWIW, this isn’t “interleaving”, which generally refers to the use of logical streams within a single physical stream. Pipelining introduces no logical streams.

It’s good to see them reference Waka too though, but it’s in a very odd context where they discuss protocols such as IIOP, JMS, and MQSeries. Note to authors; those are not HTTP replacements, because they are not application protocols. If somebody offered you a carrot for your Ferrari, would you take them up on it? Didn’t think so.

It’s clear the authors did their homework, which is wonderful. Unfortunately though, they fell right into that “protocol independence” trap, along with much of the rest of the industry.

Kurt pushes the Atom/RSS vs. SOAP meme. *nailed*
(link) [del.icio.us/distobj]

RSS/Atom & Microsoft. Quote: “These will not rival Soap/web services as a system for executing transactions.” Wanna bet?
(link) [del.icio.us/distobj]

“Do you know the difference between REST, SOAP, and MOM”? Well, do you?
(link) [del.icio.us/distobj]

Don Smith (belatedly) wonders what it means to be document oriented;

To me, document-oriented (also called message-oriented or message-centric) is less about programming models or on-the-wire representations and more about the developer’s mindset. I recommend all Web service developers try to change the way they think about distributed solutions … especially if they’ve come from a DCOM, Remoting, etc. background. When you’re not thinking in terms of messages, certain inappropriate concepts can seep into your service. For example, object-oriented concepts like inheritence and polymorphism don’t belong in a service interface. Don’t get me wrong, there are ways to acheive the benefits these concepts provide, but it’s done differently. Developers with an RPC mindset also think in terms of object instances which don’t really apply to the messaging mindset. Lastly, RPC is largely dependent on the request-response exchange pattern. Messages can be one-way, pub-sub, solicit response, or request-response. Okay, one more thing to distinguish these mindsets … messaging scenarios are better equiped to handle async, store and forward, and queuing scenarios.

It amazes me that I can agree so emphatically with with what’s written above, yet also know that Don, like other Web services proponents, is missing the point; if you’re not doing state transfer, you’re just putting lipstick (XML) on a pig (RPC). How can you tell the difference? If there’s an operation name in your “document”, then you’re not document oriented.

“[…]SOAP, XML-RPC and REST (although they didn’t name XML-RPC, I think it’s more widely deployed than the other two)” Almost, Dave. You’re just off by an order of magnitude of orders of magnitude.
(link) [del.icio.us/distobj]

Steve seems to be assuming a different definition of “object orientation” than Michi, or me, or probably most people. My advice; avoid the term.
(link) [del.icio.us/distobj]

Please ignore this article, as the author clearly (“REST message aren’t standardized”) doesn’t understand REST. Thanks.
(link) [del.icio.us/distobj]

“Where are the birthday candles, the retrospectives, the parties?” … the services? 8-)
(link) [del.icio.us/distobj]

“Web access toolkits should make it easier to do the right thing”. Or maybe make it harder to do the wrong thing, e.g. SOAP libs and protocol independence.
(link) [del.icio.us/distobj]