Q1. What are the different styles of Web Services used for application integration? and What are the differences between both SOAP WS and RESTful WS?
A1. SOAP WS and RESTful Web Service. Web services are very popular and widely used to integrate similar (i.e. Java applications) and disparate systems (i.e. legacy applications and applications written in .Net etc) as they are language neutral.

SOAP Web service RESTful Web service
Transport is platform & protocol neutral. Supports multiple protocols like HTTP(S), Messaging, TCP, UDP, SMTP, etc. Transport is protocol specific. Supports only HTTP or HTTPS protocols.
 SOAP uses its own protocol and focuses on exposing pieces of application logic (not data) as services. SOAP exposes operations. SOAP is focused on accessing named operations, which implement some business logic through different interfaces. REST is about exposing a public API over the internet to handle CRUD (Create, Read, Update, and Delete) operations on data. REST is focused on accessing named resources through a single consistent interface.
 SOAP only permits XML data formats.  REST permits many different data formats like XML, JSON data, text, HTML, atom, RSS, etc. JSON is less verbose than XML and is a better fit for data and parses much faster.
 SOAP based reads cannot be cached. The application that uses SOAP needs to provide cacheing.  REST based reads can be cached. Performs and scales better.
Supports both SSL security and WS-security, which adds some enterprise security features. Supports identity through intermediaries, not just point to point SSL.
WS-Security maintains its encryption right up to the point where the request is being processed.
WS-Security allows you to secure parts (e.g. only credit card details) of the message that needs to be secured. Given that encryption/decryption is not a cheap operation, this can be a performance boost for larger messages.
It is also possible with WS-Security to secure different parts of the message using different keys or encryption algorithms. This allows separate parts of the message to be read by different people without exposing other, unneeded information.
SSL security can only be used with HTTP. WS-Security can be used with other protocols like UDP, SMTP, etc.
Supports only point-to-point SSL security.
The basic mechanism behind SSL is that the client encrypts all of the requests based on a key retrieved from a third party. When the request is received at the destination, it is decrypted and presented to the service. This means the request is only encrypted while it is traveling between the client and the server. Once it hits the server (or a proxy which has a valid certificate), it is decrypted from that moment on.
The SSL encrypts the whole message, whether all of it is sensitive or not.
 Has comprehensive support for both ACIDbased transaction management for short-lived transactions and compensation based transaction management for long-running transactions. It also supports two-phase commit across distributed resources. REST supports transactions, but it is neither ACID compliant nor can provide two phase commit across distributed transactional resources as it is limited by its HTTP protocol.
 SOAP has success or retry logic built in and provides end-to-end reliability even through SOAP intermediaries.  REST does not have a standard messaging system, and expects clients invoking the service to deal with communication failures by retrying.

Which one to favor? In general, a REST based web service is preferred due to its simplicity, performance, scalability, and support for multiple data formats. SOAP is favored where service requires comprehensive support for security and transactional reliability.

Q2. Differentiate between SOA (Service Oriented Architecture) versus WOA (Web Oriented Architecture)?
A2. WOA extends SOA to be a light-weight architecture using technologies such as REST and POX (Plain Old XML). POX compliments REST. JSON is a variant for data returned by REST Web Services. It consumes less bandwidth and is easily handled by web developers mastering the Javascript language

SOA and WOA differ in terms of the layers of abstraction. SOA is a system-level architectural style that tries to expose business capabilities so that they can be consumed by many applications. WOA is an interface-level architectural style that focuses on the means by which these service capabilities are exposed to consumers. You can start out with a WOA and then grow into SOA.

Q3. How would you decide what style of Web Service to use? SOAP WS or REST?
A3. In general, a REST based Web service is preferred due to its simplicity, performance, scalability, and support for multiple data formats. SOAP is favored where service requires comprehensive support for security and transactional reliability.

The answer really depends on the functional and non-functional requirements. Asking the questions listed below will help you choose.

1) Does the service expose data or business logic? (REST is a better choice for exposing data, SOAP WS might be a better choice for logic).
2) Do consumers and the service providers require a formal contract? (SOAP has a formal contract via WSDL)
3) Do we need to support multiple data formats?
4) Do we need to make AJAX calls? (REST can use the XMLHttpRequest)
5) Is the call synchronous or asynchronous?
6) Is the call stateful or stateless? (REST is suited for statless CRUD operations)
7) What level of security is required? (SOAP WS has better support for security)
8) What level of transaction support is required? (SOAP WS has better support for transaction management)
9) Do we have limited band width? (SOAP is more verbose)
10) What’s best for the developers who will build clients for the service? (REST is easier to implement, test, and maintain)

Q4. What tools do you use to test your Web Services?
A4. SoapUI tool for SOAP WS and the Firefox “poster” plugin for RESTFul services.

Q5. What is the difference between SOA and a Web service?
A5. SOA is a software design principle and an architectural pattern for implementing loosely coupled, reusable and coarse grained services. You can implement SOA using any protocols such as HTTP, HTTPS, JMS, SMTP, RMI, IIOP (i.e. EJB uses IIOP), RPC etc. Messages can be in XML or Data Transfer Objects (DTOs).

Web service is an implementation technology and one of the ways to implement SOA. You can build SOA based applications without using Web services – for example by using other traditional technologies like Java RMI, EJB, JMS based messaging, etc. But what Web services offer is the standards based and platform-independent service via HTTP, XML, SOAP, WSDL and UDDI, thus allowing interoperability between heterogeneous technologies such as J2EE and .NET.

Q6. Why not favor traditional style middle-ware such as RPC, CORBA, RMI and DCOM as opposed to Web services?
A6. The traditional middle-wares tightly couple connections to the applications. Tightly coupled applications are hard to maintain and less reusable. Generally do not support heterogeneity. Do not work across Internet and can be more expensive and hard to use.

Web Services support loosely coupled connections. The interface of the Web service provides a layer of abstraction between the client and the server. The loosely coupled applications reduce the cost of maintenance and increases re-usability. Web Services present a new form of middle-ware based on XML and Web. Web services are language and platform independent. You can develop a Web service using any language and deploy it on to any platform, from small device to the largest supercomputer. Web service uses language neutral protocols such as HTTP and communicates between disparate applications by passing XML or JSON messages to each other via a Web API. Do work across internet, less expensive and easier to use.

1) Define Web Service?

A web service is a kind of software that is accessible on the Internet. It makes use of the XML messaging system and offers an easy to understand, interface for the end users.


2) What is new in this field for past few years?

The initiation of XML in this field is the advancement that provides web service a single language to communicate in between the RPCs, web services and their directories.

3) Give me an example of real web service?

One example of web services is IBM Web Services browser. You can get it from IBM Alphaworks site. This browser shows various demos related to web services. Basically web services can be used with the help of SOAP, WSDL, and UDDI . All these, provide a plug-and-play interface for using web services such as stock-quote service, a traffic-report service,  weather service etc.

4) How you define web service protocol stack?

It is basically set of various protocols that can be used to explore and execute web services. The entire stack has four layers i.e. Service Transport, XML Messaging, Service Description and Service Discovery.

5) Can you define each of these layers of protocol stack?

The Service Transport layer transfer messages between different applications, such as HTTP, SMTP, FTP, and Blocks Extensible Exchange Protocol (BEEP). The XML Messaging layer encodes messages in XML format so that messages can be understood at each end, such as XML-RPC and SOAP. The Service Description layer describes the user interface to a web service, such as WSDL. The Service Discovery layer centralizes services to a common registry and offer simple publish functionality, such as UDDI.

6) Define XML – RPC?

It is a protocol that makes use of XML messages to do Remote Procedure Calls.

7) Define SOAP?

SOAP is an XML based protocol to transfer between computers.

8) Define WSDL?

It means Web Services Description Language. It is basically the service description layer in the web service protocol stock. The Service Description layer describes the user interface to a web service.

9) What kind of security is needed for web services?

Image for Web Services

Web Services

The security level for web services should be more than that of what we say Secure Socket Layer (SSL). This level of security can be only achieved from Entrust Secure Transaction Platform. Web services need this level of security to ensure reliable transactions and secure confidential information .

10) Do you have any idea about foundation security services?

As implies from its name, these services are the foundation or basics of integration, authentication, authorization, digital signatures and encryption processes.

11) Define Entrust Identification Service?

Entrust Identification Service comes from the Entrust Security Transaction Platform. This platform allows companies to control the identities that are trusted to perform transactions for Web services transactions.

12) What UDDI means?

UDDI stands for Universal, Description, Discovery, and Integration. It is the discovery layer in the web services protocol stack.

13) Define Entrust Entitlements Service?

This service verifies entities that attempt to access a web service. For Example, the authentication service, the Entitlements Service ensures security in business operations.

14) Define Entrust Privacy Service?

As its name implies, it deals with security and confidentiality. This service encrypts data to ensure that only concerned parties can access the data.

15) What do you mean by PKI?

It means Public-Key Infrastructure.

16) What tools are used to test a web service?

I have used SoapUI for SOAP WS and Firefox poster plugin for RESTFul Services.

17) Differentiate between a SOA and a Web service?

SOA is a design and architecture to implement other services. SOA can be easily implemented using various protocols such as HTTP, HTTPS, JMS, SMTP, RMI, IIOP, RPC etc. While Web service, itself is an implemented technology. In fact one can implement SOA using the web service.

18) Discuss various approaches to develop SOAP based web service?

We can develop SOAP based web service with two different types of approaches such as contract-first and contract-last. In the first approach, the contract is defined first and then the classes are derived from the contract while in the later one, the classes are defined first and then the contract is derived from these classes.

19) If you have to choose one approach, then what will be your choice?

In my point of view, the first approach that is the contract-first approach is more feasible as compared to the second one but still it depends on other factors too.

20) Is there any special application required to access web service?

No, you don’t need to install any special application to access web service. You can access web service from any application that supports XML based object request and response.

21) Can you name few free and commercial implementations for web services?

The implementations I know are Apache SOAP, JAX-WS Reference Implementation, JAX-RS Reference Implementation, Metro, Apache CXF, MS.NET and Java 6.

22) Name browser that allows access to web service?

JavaScript XmlHttpRequest object is required to access web service via browsers. The browsers that support this object are Internet Explorer, Safari and Mozilla-based browsers like FireFox.

23) What is REST?

REST stands for Representational State Transfer. REST itself is not a standard, while it uses various standards such as HTTP, URL, XML/HTML/GIF/JPEG (Resource Representations) and text/xml, text/html, image/gif, image/jpeg, etc (MIME Types).

24) How one can provide API to users?

To provide an API to the users, one can easily do this with an “open table”. All you need to do is to write open table which is basically an XML schema that point to a web service.

25) Name the various communication channels in web service?

Web service is integrated with three protocols such as HTTP/POST, HTTP/GET, and SOAP. It provides three different communication channels to clients. Client can choose any communication method as per requirements.


26) How can you document web service?

Web services are contemplated as self-documenting because they provide entire information regarding the available methods and parameters used for XML based standard, known as WSDL. One can also provide more information to explain web services via their own WebService and WebMethod attributes.

27) What are the situations, when we need ASP.NET web services?

ASP.NET web services are used when one need to implement three tier architecture in a web service. It allows handy ways to use middle tier components through internet. The main advantage of .NET Web services is that they are capable enough to communicate across firewalls because they use SOAP as transport protocol.

28) What are distributed technologies?

The increasing ratio of distributed applications has raised demand for distributed technologies. It allows segmenting of application units and transferring them to different computers on different networks.

29) Differentiate between web services, CORBA and DCOM?

Web services transfer/receive messages to/from application respectively, via HTTP protocol. It uses XML to encode data.

CORBA and DCOM transfer/receive messages to/from application respectively, via non-standard protocols such as IIOP and RPC.

30) Can you tell few benefits of web services?

The biggest advantage of web service is that is supported by wide variety of platforms. Moreover, in near future, web services may spread its boundary and enhance new methods that will provide ease to clients. The enhancement will not affect the clients, even if they offer old methods and parameters.

31) Can you name some standards used in web services?

The standards used in web services are WSDL (used to create interface definition), SOAP (used to structure data), HTTP (communication channels), DISCO (used to create discovery documents) and UDDI (used to create business registries).

32) Explain in brief, what DISCO is?

DISCO means discovery. It groups the list of interrelated web services. The organization that provides web services, issues a DISCO file on its server and that file contains the links of all the provided web services. This standard is good when client knows the company already. Also it can be used within a local network as well.

33) Explain in brief, what UDDI is?

UDDI (Universal Description, Discovery, and Integration) provides consolidated directory for web services on the internet. Clients use UDDI to find web services as per their business needs. It basically hosts the web services from various companies. In order to share web services, you need to publish it in UDDI.

34) Explain the .NET web services supported data types? 

.Net web services uses XML-based standards to transfer/receive information. Thus, .NET web services can only works with data types known by XML schema standard. Like FileSteam, Eventlog etc. are not recognized by the XML schema standards and hence, not supported in web services.

35) How a .NET web service is tested?

ASP.NET uses a test page routinely, when one calls for the URL of .asmx file in any browser. This page shows complete information regarding web services.

36) How a .NET web service is consumed?

Since we know that web services are constructed on XML standards. Therefore, clients need to have complete understanding of XML-based messages to interchange messages. Clients can communicate with web services through .NET framework that offers proxy mechanisms. These proxy mechanisms have detailed information regarding data sharing within web services that can be easily used by the clients.

37) Can you name the two Microsoft solutions for distributed applications?

The two Microsoft solutions for distributed applications are .NET Web Services and .NET Remoting.

38) Differentiate between .NET Web Services and .NET Remoting?

As far as protocol is concerned, .NET Web Service uses HTTP, while, .NET Remoting uses any protocol i.e. TCP/HTTP/SMTP. When it comes to performance, .NET Remoting is comparatively, faster than.NET Web Service. Also, as .NET Web Services are hosted via IIS, therefore, it is far more reliable than the .NET Remoting.

39) Name the components to be published while deploying a Web Service?

The components that need to be published during a web service deployment are Web Application Directory, Webservice.asmx File, Webservice.Disco File, Web.Config File and Bin Directory.

40) What are the steps performed by the client to access a web service?

First of all a web reference to the web service is created by the client in his application. Then a proxy class is generated. After that an object of the proxy class is created and at last, the web service is accessed via that proxy object.

41) How web services are implemented in .NET?

To implement web services in .NET, HTTP handlers are used that interrupt requests to .asmx files.

42) Explain few disadvantages of Response Caching?

Response Caching is useless or incompetent when method accepts extensive amount of values because caching means to store lot of information.  Also, if the method depends on external source of information, and that are not provided within the parameters then such methods are bypassed.

43) What is the alternate solution to Response Caching?

One can use Data Caching (System.Web.Caching.Cach) instead of Response Caching.

44) Brief few drawbacks of using GET and POST methods to communicate with the web service?

These methods are less secure and inhibit users to pass structures and objects as arguments. Also, it doesn’t allow users to pass ByRef arguments.

45) How can one access a class as a web service?

To access a class as a web service, one should inherit the class from the System.Web.Services.WebService class and qualify the class with the WebService attribute.

46) How can one access the web service class method via internet?

To access web service class method via internet, one should qualify a method with the WebMethod attribute.

47) How a SOAP message is structured?

A SOAP message is consists of SOAP Envelope, SOAP Headers, and SOAP Body.

48) Can you name different kinds of web services?

There are two types of web services in total i.e. SOAP based web service and RESTful web service.

This question is already mentioned earlier.

49) What’s different in RESTful web services?

The RESTful web services contains no contract or WSDL file.

50) Give me few reasons to use RESTful web service?

The RESTFul web services are simple to implement and test. It supports various data formats such as XML, JSON etc.


Soap Based Java web services, I am here sharing a list of frequently asked web service interview questions. These questions include those asked to me in over 50 interviews I have appeared so far and also I use these questions in interviews I take. For some of the questions, I have already written tutorials with code samples. For example, I have written on WSDL structureSOAP handlersmessage attachments and wsimport tool.

1) What is the difference between SOAP and REST web services?
Ans: These is one of the most frequently asked question in Java interviews. Don’t go to interview without reading some content on how these two kind of web services behave. I shall write in detail about the differences between the two in future but for now bear in mind that they are completely different approaches to achieve the same target. The debate on which one is better has no end but when answering this question, you need to make sure that you keep the balance between the two and mention pros and cons of each type of web services.

While SOAP based web services rely heavily on XML standard, REST web services use the HTTP protocol methods PUT, GET, DELETE and POST for operations. If you haven’t written both kind of web services code then let me tell you first hand that it is very easy to write REST web services without making mistakes. For both SOAP and REST web services, there are frameworks out there in market which make the task of writing the web services simpler.

Another important difference which you should be mentioning in the answer to this question is that while REST web services can be invoked using simple HTTP clients and browser add-on , the invocation of SOAP based web services require some learning curve and creation of XML messages. The use HTTP helps web developers who may not have got much chance to play with XML.

2) Since JSP, ASP and PHP pages can be browsed by anyone using a HTTP client and hence platform independence, then what kind of platform independence do SOAP based web services bring?
Ans: JSP, ASP and PHP were not designed for platform independence but for writing code which can be sent to the web browser for rendering. There are no means by which a standard can be set between the developer and consumer of these websites designed using PHP, ASP, JSP. On the other hand, SOAP based web services define a protocol standard to have communication between the producer and consumer of web services. So basically the difference lies in the purpose for which these technologies were founded.

3) What are the components of WSDL and their significance?
Ans: WSDL provides information about the structure of SOAP message to be sent for invocation of different operations exposed by the web service.I have written a tutorial on WSDL components and their meaning.

4) Can we modify the header and body parts of SOAP messages so that some common operations like logging can be performed?
Ans: This can be achieved by using interceptors which intercept the message before sending and receiving it. An interceptor can be written on the client or server side and perform its job as defined in the code. These interceptors are known as handlers in JAX-WS specification. There are SOAPHandlers and LogicalHandlers which can do different processing on the server side and client side.

5) What steps do you follow for debugging the issues in your code?
Ans: There are a number of debugging techniques available for SOAP based web services. Every developer has its own set of favorite ways to find issues. Some of the commonly used ways to debug web services are:

  • Monitoring web services requests and response using some traffic analysis tools like tcpdump or Eclipse TCP/IP monitor.
  • Use some tools like soapUI or IBM InfoSphere
  • Use logs or System.out.println() for checking any coding issues.
  • Mention any special debugging techniques you have been using in your web services code.



What are the types of information included in SOAP header?

Header of SOAP contains information like that,
1. In SOAP header client should handle authentication and transaction.
2. The SOAP message should process by client.
3. EncodingStyle is also has in header.

How can you explain HTTP Binding in SOAP ?

Let us start with and example to inform you HTTP perform communication over TCP/IP.And TCP HTTP client can connect to an HTTP server.
When connection will established than using that connection client can send an HTTP request message to the server.
POST /item HTTP/1.1
Host: 189.123.345.239
Content-Type: text/plain
Content-Length: 200
Server processes this request and sends an HTTP response back to the client. The response contains has a status code that are use to indicate the status of the request.
200 OK
Content-Type: text/plain
Content-Length: 200
This server returned a status code of 200.This is also called as standard success code for HTTP.
If the server has unable to decode the request, it can returned something like.
400 Bad Request
Content-Length: 0
SOAP HTTP Binding: We use SOAP method to complies with the SOAP encoding rules.
A SOAP request may be an HTTP POST or an HTTP GET request.
HTTP POST request specifies at least two HTTP headers:
1. Content-Type
2. Content-Length
1. Content-Type: In case of Soap request and response, Content-Type header defines the MIME type for the message and the character encoding ( that is optional) used only for XML body of the request or response.
Content-Type MIMEType;
POST /item HTTP/1.1
Content-Type application/soap+xml; charset=utf-8
2. Content-Length: Using Content-Length header we specifies the number of bytes in the body of the request or response for a SOAP request and response.
Content-Length: bytes
POST /item HTTP/1.1
Content-Type: application/soap+xml; charset=utf-8
Content-Length: 250

Explain the differnece between fault and exception in Apache SOAP?

Difference b/w the fault and exception depends upon where these error occurs, may be they occour on client side or on server side.
Exception occurs on client side where as faulut occur on server side.
I have explain you with an example.We send an SOAP encoded request for which method that does not exist results in a SOAP fault whereas when server sends a response with a field that does not exist in a client side class

What are the  software components that we must used to build a SOAP server?

XML processor and HTTP Server are mandatory when you want to build SOAP Server.We have to use some other tools when you deal with different language.
When you deal with Visual Basic 6.0 or VBA than you must have to use either Microsoft SOAP TOOLkit or PocketSOAP.
When you deal with VB.Net or C# than you must have to use Visual Stdio.Net or .Net Framework.
When you deal with Delphi than you have to use Borland’s Web services.
When you deal with C++ than you have to use Systinet WASP Server for C++ or gSOAP.
When you deal with Java,Than their is a many choices for you like: Apache Axis, Systinet WASP Server for Java, The Mind Electric GLUE, Cape Clear Cape Connect, BEA Workshop, etc.
Most likely Java environments are WASP, GLUE, and Axis.

What is SOAP and how we can utilize this with Web components ?

SOAP is stands for Simple Object Access Protocol. SOAP was first comes in 1990 after that in 2000 it introduced to W3C.
In Web Component we use SOAP to send an request for to invoke programs on remote computers with using XML wrappers.
The main purpose to use SOAP in Web Service is that to send messages over HTTP protocol.

What are the element that we used in SOAP?

1. An envelope element is used to identifies and translates the XML document into a SOAP message.
2. A header element is used to contain header message.
3. A body is used to contain call and response message.
4. Fault element is used to communicate about the errors occurred during the process.

What are the disadvantages of SOAP?

Some disadvantages .
1. It is much slower than middleware technologies.
2. Because we used HTTP for transporting messages and not use to defined ESB or WS-Addressing interaction of parties over a message is fixed.
3. Application protocol level is problematic because usability of HTTP for different purposes is not present.


Introduction to Restful Web Services Using JAX-RS

RESTful web services are built to work best on the Web. Representational State Transfer (REST) is an architectural style that specifies constraints, such as the uniform interface, that if applied to a web service induce desirable properties, such as performance, scalability, and modifiability, that enable services to work best on the Web. In the REST architectural style, data and functionality are considered resources and are accessed using Uniform Resource Identifiers (URIs), typically links on the Web. The resources are acted upon by using a set of simple, well-defined operations. The REST architectural style constrains an architecture to a client/server architecture and is designed to use a stateless communication protocol, typically HTTP. In the REST architecture style, clients and servers exchange representations of resources by using a standardized interface and protocol.

RESTful Web Services utilize the features of the HTTP Protocol to provide the API of the Web Service. It uses the HTTP Request Types to indicate the type of operation:

GET: Retrieve / Query of existing records.
POST: Creating new records.
DELETE: Removing records.
PUT: Updating existing records.

Using these 4 HTTP Request Types a RESTful API mimics the CRUD operations (Create, Read, Update & Delete). REST is stateless, each call the to a RESTful Web Service is completely stand-alone, it has no knowledge of previous requests.

We are giving simple examples to create restful web services using JAX-RS standards.


What Are RESTful Web Services? 
Java API for RESTful Web Services 
Jersey User Guide



Restful Web Services Examples



- See more at: http://www.java2novice.com/restful-web-services/#sthash.KOcNMsXy.dpuf