Google News
logo
Web Services Interview Questions
Web Services work on client-server model where client applications can access web services over the network. Web services provide endpoint URLs and expose methods that can be accessed over network through client programs written in java, shell script or any other different technologies.

Web services are stateless and doesn’t maintain user session like web applications.
There are basically two types of web services : 
 
 
SOAP (Simple Object Access Protocol) Web Services : It is also referred to as transport-independent messaging protocol whose main purpose is to transfer a message, and is based on XML protocol. 
 
RESTful (Representational State Transfer) Web Services : It is developed to fulfill the shortcomings of SOAP and to make the web services more effective.
Some of the important features of web services include : 
 
* Used to standardized XML messaging system. 
* Discoverable via a simple find mechanism. 
* Available over the internet or private networks. 
* Can be synchronous or asynchronous. 
* Supports RPC (Remote Procedure Calls).
* Supports loosely coupled connections between systems. 
* Not tied to any one programming language or any operating system. 
* Supports the transparent exchange of data to facilitate business integration. 
* Supports communication among different apps with HTML, XML, WSDL, SOAP, etc. 
There are various components of web services as given below : 
 
* SOAP (Simple Object Access Protocol) 
* UDDI (Universal Description, Discovery, and Integration) 
* WSDL (Web Services Description Language) 
* RDF (Resource Description Framework) 
* XML (Extensible Markup Language)
The SOAP stands for Simple Object Access Protocol. It is an XML-based protocol for accessing web services. It is platform independent and language independent. By using SOAP, you can interact with other programming language applications.
These are some of the important advantages of SOAP web services :
 
WS Security : SOAP defines its security known as WS Security.

Language Independent : Its web services can be written in any programming language.

Platform Independent : Its web services can be executed on any platform.
These are some of the important disadvantages of SOAP web services :
 
Slow : It uses XML format that must be parsed to be read and defines many standards that must be followed while developing the SOAP applications. So it is slow and consumes more bandwidth and resource.

WSDL Dependent : It uses WSDL and doesn't have any other mechanism to discover the service.
The following list specifies the features of SOAP :
 
* SOAP is a communication protocol.
* SOAP communicates between applications.
* SOAP is a format for sending messages.
* SOAP is designed to communicate via Internet.
* SOAP is platform independent.
* SOAP is language independent.
* SOAP is simple and extensible.
* SOAP allows you to get around firewalls.
* SOAP developed as a W3C standard.
One example of web services is IBM Web Services browser. You can get it from IBM Alphaworks site. This browser shows various demos related to web services. Basically web services can be used with the help of SOAP, WSDL, and UDDI. All these, provide a plug-and-play interface for using web services such as stock-quote service, a traffic-report service, weather service etc.
It is basically set of various protocols that can be used to explore and execute web services. The entire stack has four layers i.e. Service Transport, XML Messaging, Service Description and Service Discovery.
The Service Transport layer transfer messages between different applications, such as HTTP, SMTP, FTP, and Blocks Extensible Exchange Protocol (BEEP). The XML Messaging layer encodes messages in XML format so that messages can be understood at each end, such as XML-RPC and SOAP. The Service Description layer describes the user interface to a web service, such as WSDL. The Service Discovery layer centralizes services to a common registry and offer simple publish functionality, such as UDDI.
The WSDL stands for Web Services Description Language. It is an XML document containing information about web services such as method name, method parameter. The Client needs a data dictionary which contains information about all the web services with methods names and parameters list to invoke them for the web services. The Web Service Description Language bridge up this gap, by providing all necessary information to the client.
 
Some Important elements used in Web Services Description language are as follows :
 
<message> : The message element in WSDL is used to define all different data elements for each operation performed by the web service.

<portType> : The port type element is used to determine the operation which can be performed by the web service. This operation can have two messages one is input and the second one is the output message.

<binding> : This element contains the used protocol.
The UDDI stands for Universal Description, Discovery and Integration. It is a XML based framework for describing, discovering and integrating web services. It contains a list of available web services. WSDL is the part of UDDI.
The REST stands for Representational State Transfer. It is an architectural style. It is not a protocol like SOAP.
These are some of the important advantages of RESTful web services :
 
* Fast : The Web Services are fast because there is no strict specification of SOAP. It consumes less bandwidth and resource.

* Language Independent :
The web services can be written in any programming language.

* Platform Independent :
The web services can be executed on any platform.

* Can use SOAP :
The web services can use SOAP web services as the implementation.

* Allows different data format :
The web service permits different data format such as Plain Text, HTML, XML, and JSON.
API (Application Programming Interface) : It acts as an interface between two devices so that they can communicate with each other without any user intervention. Some of its features include customizable, easy integration with GUI, time effective, language-independent, etc. All APIs are not web services.

Web Service : It facilitates interaction between two devices over a network. They are widely used for exchanging data among systems or applications. Some of its features include loosely coupled, supports document exchange, interoperability, extensibility, etc. All Web services are APIs.

 
API Web Service
It can be online or offline. It must use a network.
They are lightweight architecture. They require SOAP to send and receive network data therefore, are not lightweight architectures.
It can use any design style or protocol. It can only use SOAP but sometimes UDDI, XML, RPC, and REST also.
It supports HTTP/HTTPS protocol and also supports XML and JSON. It supports HTTP protocol and also supports XML.
It doesn’t require any network for its operation. It requires a network for its operation.
They are open source and are used for XML. They are not open source and are used to understand JSON (JavaScript Object Notation).
There are various tools used to test web service as given below: 
 
* SoapUI 
* Poster 
* Postman 
* REST client 
* JMeter
Some of the different tags in WSDL xml are :
 
xsd : import namespace and schemaLocation: provides WSDL URL and unique namespace for web service.

message : for method arguments

part : for method argument name and type

portType : service name, there can be multiple services in a wsdl document.

operation : contains method name

soap : address for endpoint URL.
Some of the disadvantages of REST are :

* Sessions can’t be maintained.
* Since it works on HTTP, there can’t be asynchronous calls.
* Since there is no contract defined between service and client, it has to be communicated through other means such as documentation or emails.
XML-RPC (Remote Procedure Call) is considered the most basic and simplest XML-based protocol to exchange data among different devices on a network. It uses HTTP as a transport protocol for quickly and easily transferring the information or data between two devices. XML-RPC can also be used with different programming languages such as Perl, Java, Python, C, C++, PHP, etc,.
There are various features of XML-RPC that includes : 
 
* Platform independent 
* Allows diverse applications to communicate 
* Considered as the easiest and simplest way to get started with web services 
* Uses XML to encode its calls and HTTP as the transport protocol
A consumer of a web service is not tied to that web service directly. The web service interface can change over time without compromising the client's ability to interact with the service. A tightly coupled system implies that the client and server logic are closely tied to one another, implying that if one interface changes, the other must be updated. Adopting a loosely coupled architecture tends to make software systems more manageable and facilitates simpler integration between different systems.
Using XML eliminates any networking, operating system, or platform binding. So Web Services based applications are highly interoperable application at their core level.
Synchronicity is used to bind the client to the execution of the service. In synchronous invocations, the client blocks and waits for the service to complete its operation before continuing. On the other hand, synchronous operations facilitate a client to invoke a service and then execute different functions.
Every framework requires some type of architecture to ensure that the entire framework works perfectly as desired, the same goes for web services. Web service architecture is used to assist the developer with steps and procedures that are essential to complete the creation. Web service architecture includes three distinct roles i.e., service provider, service requester, and service registry. It also includes three different operations that include:  
 
Publish (Publication of Service Descriptions) : A service description needs to be published so that the service requestor can locate and have access to it. It can be published anywhere depending upon the requirements of the application. 
 
Find (Finding of Services Descriptions) : A service description is retrieved directly by a service requestor. The requestor consults the broker to locate a web service that is already published. 
 
Bind (Invoking of Service based on Service Description) : Every service needs to be invoked. To locate, contact, and invoke the service, the service requestor initiates the interaction with the service at runtime using details of binding in the service description.

Web Services Architecture
Web service requestor is the client application that requests for web service to use it. Its main purpose is to use an existing web service by opening a network connection and sending an XML request. In simple words, they are consumers of the web service. 
The web service registry is basically like a ‘phone book’ for web services. It allows client applications to be able to publish new services or can locate the already existing ones. Two widely-used registry standards are generally supported by application servers i.e., ebXML (Electronic Business using XML) and UDDI (Universal Description, Discovery, and Integration).
The Service Transport Layer is used to transport messages between applications.
 
This layer includes Hypertext Transport Protocol (HTTP), Simple Mail Transfer Protocol (SMTP), File Transfer Protocol (FTP), and newer protocols like Blocks Extensible Exchange Protocol (BEEP).
The Service Description layer is used to describe the public interface to a specific web service. Currently, service description is handled via the Web Service Description Language (WSDL).
The Service Discovery layer is used for centralizing services into a universal registry and providing easy publish/find functionality.
 
Currently, service discovery is handled via Universal Description, Discovery, and Integration (UDDI).
REST API generally returns the following status codes in HTTP response :
 
* 200 OK
* 201 Created
* 202 Accepted
* 302 Found
* 400 Bad Request
* 401 Unauthorized 
* 404 Not Found
* 405 Method Not Allowed
* 409 Conflict
* 500 Internal Server Error
The increasing ratio of distributed applications has raised demand for distributed technologies. It allows segmenting of application units and transferring them to different computers on different networks.
Web services transfer/receive messages to/from application respectively, via HTTP protocol. It uses XML to encode data.
 
CORBA and DCOM transfer/receive messages to/from application respectively, via non-standard protocols such as IIOP and RPC.
DISCO means discovery. It groups the list of interrelated web services. The organization that provides web services, issues a DISCO file on its server and that file contains the links of all the provided web services. This standard is good when client knows the company already. Also it can be used within a local network as well.
Java webservices is developed to build and deploy basic web service on JAVA platform.
 
To create a web services, there are two approaches that are adopted
 
* Top-down approach
* Top-up approach
Web service protocol stack consists of 4 layers. This can be described as follows :
 
a) Service transport : This is the first layer that helps in transporting XML messages between various client applications. This layer commonly uses the below-mentioned protocols:
 
* HTTP(Hypertext Transport Protocol)
* SMTP(Simple Mail Transport Protocol)
* FTP(File Transfer Protocol)
* BEEP(Block Extensible Exchange Protocol)

b) XML messaging : This layer is based on the XML model where messages are encoded in common XML format which is easily understood by others. This layer includes
 
* XML-RPC
* SOAP(Simple Object Access Protocol)

c) Service description : This layer contains descriptions like location, available functions, and data types for XML messaging which describes the public interface to a specific web service. This layer includes:
 
* WSDL(Web Service Description Language)

d) Service discovery : This layer is responsible for providing a way to publish and find web services over the web. This layer includes:
 
* UDDI(Universal Description, Discovery, and Integration)
BEEP stands for Blocks Extensible Exchange Protocol. BEEP is determined as building new protocols for the variety of applications such as instant messaging, network management, file transfer, etc. It is termed as new Internet Engineering Task Force (IETF) which is layered directly over TCP. It has some built-in features like
 
* Authentication
* Security
* Error handling
* Handshake Protocol
Enlisted below are some common HTTP methods along with their functions that are supported by RESTful web services
 
GET : Read-only access to the resource.

PUT :
Creation of new resources.

DELETE :
Removal of a resource.

POST :
Update of an existing resource.

OPTIONS :
Get supported operations on the resource.

HEAD :
Returns HTTP header only, nobody.
HTTP request has following 5 major components :
 
Verb   : Indicate HTTP methods like GET, PUT, POST, etc
URI    : Identifies the resource on server
HTTP Version  : Indicates version.
Request Header : Contains metadata like client type, cache settings, message body format, etc for HTTP request message.
Request Body : Represents content of the message.


HTTP response has following 4 major components :
 
Status/Response code  :  Indicates the status of the server for requested resource.
HTTP version  :  Represents HTTP version.
Response Header :  Consists of metadata like content length, content type, server length, etc for HTTP response message.
Response Body :  Represents response message content.
The purpose of URI is to locate resources on the server that are hosting web services.
 
Format of URI :
 
<protocol>://<service-name>/<ResourceType>/<ResourceID>
There are basically 2 different approaches available for developing SOAP-based web services. These are explained as follows
 
* Contract-first approach : In this approach, the contract is defined first by XML and WSDL and then java classes are derived from the contract.

* Contract-last approach : In this approach, java classes are defined first and then the contract is generated which is usually the WSDL file from the java class.
“Contract-first” method is the most preferred approach.
Body – Contains the call and response messages. Also defined as a child element of the envelope that contains entire application derived XML data, which has been exchanged as a part of the SOAP message.

Envelope – The mandatory root element. Translates the XML document and determines the start and end of the SOAP message.

Fault Element – Handles the errors occurring during the processing of the messages. Appears as a child element of the body if the error is present.

Header – Contains optional message header attributes containing specific application information. Intended to add new features and functionalities, this element can occur several times in a single SOAP message.
Here you will get the primary security issues:
 
Authentication : Performed to verify the identity of a user and checking whether the user has the right to access the web service or not. It is also done with the intent of tracking user activity. Following options can be considered for authenticating:

* Application-level authentication
* Client certificates
* HTTP digest and HTTP basic authentication

Confidentiality : Any individual web service might have several applications. Their service path typically contains a potential weak link at its nodes. Hence, whenever messages or XML requests are sent by the client together with the service path to the server, the same must be encrypted.

Network Security : Very important security issue necessitating tools for filtering web service traffic

Note:- In order to ensure reliable transactions as well as securing confidential information, web services demand a high level of security. It is achieved via the Entrust Secure Transaction Platform.
* Binding : Defines as well as determines the protocol as well as the data format for each port type

*
Message : Defines the data elements for each individual operation. It could be the entire document or an argument yet to be mapped

*
Operations : Defines the operations to be performed for processing a message

*
Port Type : Defines the collection of operations which can be performed for binding

*
Types : Defines the message data types, in the form of XML schema, used by the web services
45 .
Please explain the two attributes of the <Port> element in WSDL.
Each <Port> element is related to a distinct binding by defining an individual endpoint. A <Port> element has the following two attributes :
 
Binding : refers to the process of binding that has to be performed as per the linking rules defined by WSDL

Name : Provides the unique name within the WSDL document
While binding in WSDL, a port must not :
 
* Specify any kind of binding information other than the address information

*
Specify more than one address
Web service helps in communication among various other applications by applying open standards, including SOAP, WSDL, XML, and HTML. For instance, we can create a Java-based web service on Solaris, which is accessible from the Visual Basic programs that run on the computer window. Another example would be of using C# to develop new web services on windows by using a web application that is based on JSP or Java Server Pages and runs on Linux.
The various browsers that allow access to Web Services include the following :
 
* Internet Explorer
* Safari
* Mozilla Firefox
* Opera
* Google Chrome and various others
Yes, we can test ASP.NET services regularly. It can be done by making a call for the URL of .asmx file is made in the browser, which shows complete information regarding web services on the page.
Yes, there are two Microsoft solutions for distributed applications. These are as follows :
 
* .NET web services.

* .NET Remoting.
The pre-requisite for deploying Web Service includes the following :
 
* Web Application Directory.
* Bin Directory.
* Web.Config File.
* Disco File.
* Webservice.
* Webservice.asmx File.
We can implement Web Services in .NET by applying HTTP handlers, which are used to interrupt requests to the .asmx files.
JAXP is a JAVA API for XML processing. It helps the JAVA application in writing, reading, transforming, and manipulating the XML data. It performs various functions such as JAX-RPC, JAXB, JAXM, JAXR, and more.
There are three different JAVA packages in the JAXB binding framework, which include the following :
 
xml.bind : It helps in defining the abstract classes and interfaces which are directly connected with the content classes.

xml.bind.util :
It consists of utility classes that can be availed by client applications with the purpose to manage marshaling, validation, and unmarshalling events.

xml.bind.helper :
It gives partial implementation for javax.xml.bind interfaces. 

These API cannot be directly used by the applications which are already executing JAXB architecture.
@WebService
@WebMethod
@SOAPBinding
This file provides endpoint details about JAX-WS web service which is deployed on tomcat.It is available at WEB-INF directory.

For example :
<?xml version="1.0" encoding="UTF-8"?>
<endpoints xmlns="http://java.sun.com/xml/ns/jax-ws/ri/runtime" version="2.0">
  <endpoint
     name="HelloWorldWS"
     implementation="org.arpit.javapostsforlearning.webservice.HelloWorldImpl"
     url-pattern="/HelloWorldWS"/>
</endpoints>
 
Java API for RESTful Web Services (JAX-RS), is a set if APIs to create web service which supports REST architecture. JAX-RS is part of the Java EE6, and help developers to create REST web application easily.
MTOM (Message Transmission Optimization Mechanism) is a mechanism for transmitting large binary attachments with SOAP messages as raw bytes, allowing for smaller messages.
SOAP envelop element is the root element of a SOAP message which defines the XML document as a SOAP message.

An example :
<?xml version="1.0"?>
<soap:Envelope
xmlns:soap="http://www.w3.org/2001/12/soap-envelope"
soap:encodingStyle="http://www.w3.org/2001/12/soap-encoding">
  ...
  Message information
  ...
</soap:Envelope>
SOAP namespace defines the Envelope as a SOAP Envelope.

An example :
xmlns:soap=http://www.w3.org/2001/12/soap-envelope
Yes, GET and POST methods are less secure and inhibit users to pass structures and objects as arguments. These methods are not suitable for sensitive information. It has a limited length of URL that potentially creates a loss of data while transferring. POST requests do not use caching.
Yes, we can do so. It is possible if we can inherit the class properties from the System.Web.Services. WebService class and qualify the class with the WebService attribute.
The first step is to create a web service reference by the client requesting the web service. After this web reference, a class is generated called a proxy class. Followed by a proxy class object is created and at the end, the client can get a response i.e client can access the web service through the proxy object created.
We can define response caching as the minimal number of requests a client makes to a web server. It reduces the level of work to be done by the web server to generate a response to the request made. Response caching is controlled by headers that specify how you would like client, proxy, and middleware to cache responses.
Caching means storing a lot of information for future requirements. It speeds up the workflow. Response Caching is impractical when methods accept an extensive amount of values. Also, if the method depends on some external source of information, and that is not provided as the arguments then such methods are avoided.
JAXR architecture includes a JAXR client and a JAXR provider.

JAXR client : It is a client program that uses the JAXR API to use a registry through a JAXR provider.
JAXR provider : It is an implementation of the JAXR API that provides access to a particular registry provider or to a class of registry providers that are built on common specifications.
The packages available in XML Digital signature API are :
 
* xml.crypto
* xml.crypto.dsig
* xml.crypto.dsig.keyinfo
* xml.crypto.dsig.spec
* xml.crypto.dom
* xml.crypto.dsig.dom
Stax stands for Streaming API for XML
It is an API to read and write an XML document
It comes from the JAVA programming language.
For setting HTTP status code other than 200, we have to use javax.ws.rs.core.Response class for response. Below are some of the sample return statements showing it’s usage.
return Response.status(422).entity(exception).build();
return Response.ok(response).build(); //200
Entrust Identification Service is categorized under Entrust Secure Transaction Platform which provides essential security capabilities to ensure secure transactions. This usually allows companies to fully control the identities that are trusted to perform web service transactions.
Entrust Entitlement service is those whose task is to verify the services that are attempting to access the web services. It basically ensures security in business operations as well as some authentication services.
As the name suggests, Entrust Privacy Service performs encryption of the data so that only concerned parties are able to access the data. It basically deals with two factors
 
* Confidentiality
* Security
73 .
Explain <definition> element?
Definition element is described as the root of WSDL document which defines the name of the web service as well as act as a container for all the other elements.
SOA (Service Oriented Architecture) is basically an architectural approach that is specially designed to support service orientation. It enabled services to communicate or interact across different platforms and languages to form applications. Applications in SOA are developed on the basis of services. It can be easily implemented using different protocols such as HTTP, JMS, HTTPS, RPC, RMI, etc.
Some of its advantages include :  
 
* Easy to integrate. 
* Services are platform-independent. 
* Manage complexity so that integration becomes more manageable. 
* Services are easier to test and debug. 
* Easily available to any requester.
EIS (Entrust Identification Service) : It is basically generated from Entrust security platform which allows or enables the corporates simply to handle and control the identities that are trusted to perform transactions for web service transactions.  
 
EPS (Entrust Privacy Service) : It deals with security and confidentiality simply by encrypting data. It is done to make sure that only concerned parties or authorized ones can have access to data.
Here is the example of a Web Service Provider :
using System;  
using System.Web.Services;  
using System.Xml.Serialization;  
  
[WebService(Namespace="http://localhost/MyWebServices/")]  
public class FirstService : WebService{  
   [WebMethod]  
   public int Add(int a, int b) {  
      return a + b;  
   }  
  
   [WebMethod]  
   public String SayHello() {  
      return "Hello World";  
   }  
}​
 
Advertisement