web-servicesrestframeworksaxis2capache-wink

Should I stick to axis2c or move to apache wink?


We have a webservice built in Axis2/c in which the methods in turn calls an in-house application on the server. Since Axis2/c was widely accepted to be good as far as performance and stability was concerned, we were sticking to it. But now we're trying to make it RESTful [not completely, although I'm more towards making it truly RESTful, I couldn't win this time :( ].

I couldn't find any good tutorials on RESTful services in axis2/c. But searching around google & stackoverflow got me curious about apache wink. Should I move away from axis2/c? If so is wink a good choice? I'm a dot net developer so I'm fairly new to this world, but which one will serve the need? Please suggest other frameworks as well.

My concerns are:

  1. performance
  2. security
  3. make the service simple enough that client side development becomes quite easy
  4. authentication mechanism to use.

PS: I know that I've asked lot of questions, sorry but I'm just a curious newbie.


Solution

  • I'll try to answer the concerns:

    1. Performance: when talking about REST (well actually it's the same about SOAP), most of the time is spent for serialization/deserialization of objects (assuming the the actual application logic is very fast). In SOAP you must serialize to xml and in Axis2 you have choice which framework to use. For example you can use JiBX, which probably does it best.
      In REST, you can decide if you want to serialize to xml or may be another representation (e.g. json) which will be faster.
      About 1.5 years ago I did some comparison of REST frameworks and actually Wink had the best performance in most scenarios (I compared it to Jersey, Restlet and Resteasy). To ignore the serialization part, I made them all use the same implementation of JAXB. But again: most of the time is spent to serialization. So the difference between the frameworks is not so huge.

    2. Security - Wink as any other RESTful web service is based on HTTP. It doesn't provide any additional security. You can use SSL/TSL, or basic/digest authentication. You can use SAML, or whatever you want. Just every other HTTP call.

    3. It's your design. If you make it simple, it will be simple :)

    4. Again: it's HTTP. If you have SSL/TSL, you can use basic authentication. If not, you may want to use digest.

    Brief summary: personally I prefer RESTful webservices to SOAP. Although you don't get all the WS* stack, somehow it is better defined, more flexible and easier to understand.
    Apache Wink is a great framework, well documented with a lot of samples, and will probably answer all your needs, but to be honest, Jersey is not bad either.