Re: FW: LC Comments: Web Method Feature

Mark Baker wrote:
> On Tue, Jul 09, 2002 at 02:53:51PM +0100, Marc Hadley wrote:
> 
>>>Right.  But still not non-orthogonal enough to be able to derive the
>>>method from the MEP. 8-)
>>>
>>(i) For the request-response MEP, only choice is POST because GET can't 
>>send request entity body (SOAP message).
> 
> Not exactly.  PUT can also transfer an entity body.  The issue with it
> is that its meaning, not any 2616/Section-8 consideration, prevents it
> from being used to transfer SOAP messages, at least when you want the
> SOAP processing model to be followed.
> 
As you say, the semantics of PUT prevent its use in the SOAP HTTP 
binding (which is what we are discussing here) - we've already ruled it 
out in a previous thread so why bring it up again ?

Can we then agree that for the request-response MEP, the only choice is 
POST ?

> 
>>(ii) For the response MEP, either GET or POST is possible. The missing 
>>piece of information is whether the operation is safe or not. If it is 
>>safe then GET should be used, if not then POST should be used.
>>
>>So, I would argue that the two pieces of information that are required 
>>to decide on a suitable HTTP method are the MEP and whether the 
>>operation is safe.
> 
> 
> HEAD is safe.
 >
Indeed it is, but it can't be used to transfer SOAP messages in either 
direction AFAIK. So HEAD is out of the running for use in that purpose.

Note, I'm not saying that an implementation of the SOAP HTTP binding 
couldn't make use of HEAD at all, just that it couldn't make use of HEAD 
to transfer a SOAP message.

> So is WebDAV PROPFIND (despite its flaws).
I thought we were discussing the SOAP/HTTP 1.1 binding, not the 
SOAP/WebDAV binding.

> I think
> OPTIONS is safe too, in practice.
 >
Like HEAD, OPTIONS can't be used to transfer SOAP messages in either 
direction AFAIK. So OPTIONS is also out of the running for use in that 
purpose.

 > Perhaps new safe methods will be
 > added later.
 >
Perhaps. One idea I have heard is a safe version of POST (GET with 
request entity body). This would fit in quite well with the MEP+safe 
property abstraction.

> So just knowing whether something is "safe" isn't enough
> to know which method to use.
> 
I disagree, it *is* enough in the context of the SOAP HTTP binding 
because you can rule-out methods that can't be used to carry SOAP messages.

Regards,
Marc.

-- 
Marc Hadley <marc.hadley@sun.com>
XML Technology Centre, Sun Microsystems.

Received on Tuesday, 9 July 2002 12:20:48 UTC