Top 45 Web Services Interview Questions and Answers (RESTful, SOAP, Security questions)

Top Web Services Interview Questions with answers:

In today’s scenario, when we talk about basic necessities of living a technically advanced life, “World Wide Web i.e. www” acts as an essential factor.

In the market, there are varieties of web application developed on different programming platforms. It becomes very difficult to ensure complete and accurate associations between these heterogeneous applications.

The solution to such problem is ‘Web services’ which actually acts as a means of communications between these multiple web applications developed with different programming languages. We services use standardized XML messaging system which is easily available over the internet or private networks.

Web services are a very vast topic. This includes its architecture, components like Simple Object Access Protocol (SOAP), Web Services Description Language (WSDL), RESTful web services, Web services security, etc.

In this article, I will cover every part of Web services topic for which you must be well acquainted of, in order to answer any level questions. You will also see the best web services interview question and answers in categories so that if required, you can get through a particular section only.

Web Services Interview Questions and Answers

Web Services Interview Questions

Includes questions on web services testing questions, restful web services, soap web services, web services security interview questions.

General questions:

Q 1) Explain Web Services?

Ans: A Web Service can be defined as an application component for communication or say exchanging information between two applications over the network. Web services basically work on client server model where web services are easily accessible to client applications over the network.

To enable communication between various applications, web services take the help of open standards like XML (for data tagging), SOAP (for message transferring) and WSDL (to denote service availability).

Q 2) What are the components of web service?

Ans: The different components of web services are

  • SOAP- Simple Object Access Protocol
  • UDDI- Universal Description, Discovery, and Integration
  • WSDL- Web Service Description language
  • RDF- Resource Description Framework
  • XML- Extensible Markup Language

Q 3) Explain the term Interoperability with respect of Web services?

Ans: The term ‘Interoperability’ is widely used in product marketing description which defines the ability of different products or systems working together without any special effort from the customer part.

This is applicable in the same way when we talk about ‘Interoperability’ in terms of web services. Here it determines the communication between various applications, sharing of data as well as services among themselves. There is no restriction on the type of application to be in communication. If any code is written, it will be treated as generic code that will be understood by all application. Thus, the cost of writing specific codes for each application is reduced.

There is no restriction on the type of application to be in communication. If any code is written, it will be treated as generic code that will be understood by all application. Thus, the cost of writing specific codes for each application is reduced.

Q 4) Define web service protocol stack and its layers?

Ans:  Web service protocol stack consists of 4 layers. This can be described as follows

1) Service transport: This is the first layer which helps in transporting XML messages between various client applications. This layer commonly uses the below-mentioned protocols:

  • HTTP(Hypertext Transport Protocol)
  • SMTP(Simple Mail Transport Protocol)
  • FTP(File Transfer Protocol)
  • BEEP(Block Extensible Exchange Protocol)

2) XML messaging: This layer is based on the XML model where messages are encoded in common XML format which is easily understood by others. This layer includes

  • XML-RPC
  • SOAP(Simple Object Access Protocol)

3) Service description: This layer contains description like location, available functions, and data types for XML messaging which describes the public interface to a specific web service. This layer includes:

  • WSDL(Web Service Description Language)

4) Service discovery: This layer is responsible for providing a way to publish and find web services over the web. This layer includes:

  • UDDI(Universal Description, Discovery, and Integration)

Q 5) Explain web service architecture?

Ans: Web service framework consists of an architecture which consists of three different layers. The roles of these layers are defined as below

  • Service Provider: As the name denotes, service provider role is to create the web service and makes it accessible to the client applications over the internet for their usage.
  • Service Requestor: Service requestor is basically any consumer of web service like any client application. Client applications are written in any language contact web service for any type of functionality by sending XML request over the available network connection.
  • Service Registry: Service registry is the centralized directory which helps locate web services for client applications. Here we can find the existing web services, as well as developers, can also create the new one.

The Service Provider uses the ‘Publish’ interface of Service Registry to make the existing web services available to client applications. With all the information provided by the service registry, service requestor is able to bind or invoke services.

Q 6) What do you understand by XML-RPC?

Ans: RPC is Remote Procedure Call and as the name suggests, it is the method of calling a procedure or function available on any remote computer.

XML stands for Extensible Markup Language. Thus XML-RPC represents a simple protocol that performs RPCs by using XML messaging. This has been considered as an excellent tool for connecting different environments and also establishing connections between wide varieties of computers.

Q 7) Explain features of XML-RPC?

Ans: The major features of XML-RPC are enlisted below

  • RPCs are performed using simple XML language.
  • XML encoded Requests are sent via HTTP POST.
  • XML Response is embedded in HTTP response.
  • It is considered as platform-independent.
  • It allows communication between diverse applications.
  • It uses HTTP protocol for passing information between client and server computers.
  • It has small XML vocabulary for describing request and response’s nature.

Q 8) Enlist few advantages of web services?

Ans: We have already discussed web services, its architecture, components. Now, let us see some its advantages

  • Every application is now on the internet and it the web service which provides some sort of required functionality to the client applications.
  • Web services help in exposing the existing functionalities over the network to help other applications to use in their programs.
  • It has features like ‘Interoperability’ which determines the communication between various applications, sharing of data as well as services among themselves.
  • Web services use the standardized web service protocol stack for communication which consists of 4 layers namely, Service Transport, XML messaging, Service description and Service discovery.
  • It has the feature of the low cost of communication because of the usage of SOAP (Simple Object Access Protocol) over HTTP protocol.
  • Easy to deploy, integrate and is reusable.
  • Allows simple integration between different feature as a part of loose coupling feature.

Q 9) Explain the term UDDI with its features?

Ans: UDDI is an XML-based standard in the service discovery layer of web service protocol stack. It is used for publishing and finding web services over the web as it acts like a directory. Some of the features of UDDI are explained below

  • It is an open framework and is platform independent.
  • SOAP, COBRA, and Java RMI protocols are used for communication.
  • It helps businesses to discover each other and enable interaction between them over the internet.
  • It acts as a database containing all WSDL files.

Q 10) Which language is used by UDDI?

Ans: UDDI uses the language known as WSDL (Web Service Description Language)

Q 11) Explain BEEP?

Ans: BEEP stands for Blocks Extensible Exchange Protocol. BEEP is determined as building new protocols for the variety of applications such as instant messaging, network management, file transfer etc. It is termed as new Internet Engineering Task Force (IETF) which is layered directly over TCP. It has some built-in features like

  • Authentication
  • Security
  • Error handling
  • Handshake Protocol

Q 12) Enlist few tools used to test web services?

Ans: To test Web services, below-mentioned tools are used

  • SoapUI
  • REST client
  • JMeter

Q 13) Do we require any special application to access web service?

Ans: The only requirement for accessing web services from any application is that it must support XML-based request and response. There is no need or say the requirement of installing any application for accessing web services.

RESTful Web Services Interview Questions

Q 14) What do you know about RESTful Web Services?

Ans: REST stands for Representational State Transfer. REST is defined as the stateless client-server architectural style for developing application accessed over the web. When web services use HTTP methods to implement the concept of REST architecture, then it is known as RESTful Web services. In this architectural style, data and functionality are served as resources and is accessed by URI (Uniform Resource Identifiers).

RESTful web services enable web services to work best by inducing properties like

  • Performance
  • Scalability
  • Modifiability

Q 15) Explain the advantages of RESTful web services?

Ans: Enlisted below are the advantages of RESTful web services

  • They are considered as language and platform independent as these can be written in any programming language and can be executed on any platform.
  • REST is lightweight protocol and is considered as fast because of less consumption of bandwidth and resources.
  • It supports multiple technologies and different data formats like plain text, XML, JSON, etc.
  • It has loosely coupled implementation and can be tested easily over browsers.

Q 16) Differentiate SOAP and REST?

Ans: Difference between SOAP and REST can be easily understood from the below table

SOAPREST
Simple Object Access Protocol (SOAP) serves as a standard protocol for web service creation.Representational State Transfer (REST) is an architectural style for web service creation.
Web services and clients are tightly coupled and define some standards that are to be strictly followed.It does not follow too many standards and is loosely coupled.
It requires more bandwidth and resource as well as uses service interfaces for exposing business logic.It requires less bandwidth and resource as well as uses URI (Uniform Resource Identifiers) for exposing business logic.
It is usually less preferred and permits XML data format only.It is usually more preferred and permits data formats like Plain text, HTML, JSON, etc.
Java API for SOAP web service is JAX-WS.Java API for RESTFUL web service is JAX-RS.
SOAPUI can be used for testing SOAP web services.Browsers and extensions such as Chrome postman are used for testing REST web services.
It defines its own security and uses WSDL contract for binding web services and client programs.It does not have any defined contract as well as does not have its own security methods.

Q 17) Explain different HTTP methods supported by RESTful web services?

Ans: Enlisted below are some common HTTP methods along with their functions that are supported by RESTful web services

  • GET: Read-only access to the resource.
  • PUT: Creation of new resource.
  • DELETE: Removal of a resource.
  • POST: Update of an existing resource.
  • OPTIONS: Get supported operations on the resource.
  • HEAD: Returns HTTP header only, nobody.

Q 18) What is a resource in RESTful web service and how it is represented?

Ans: Resource is said to be a fundamental concept having a type and relationship with other resources. In REST architecture, each content is considered as the resource and they are identified by their URIs.

Resources are represented with the help of XML, JSON, text etc in RESTful architecture.

Q 19) What are the core components of HTTP request and HTTP response?

Ans: HTTP request has following 5 major components

HTTP RequestsMeaning/work
VerbIndicate HTTP methods like GET, PUT, POST, etc
URIIdentifies the resource on server
HTTP VersionIndicates version.
Request HeaderContains metadata like client type, cache settings, message body format, etc for HTTP request message.
Request BodyRepresents content of the message.

HTTP response has following 4 major components

HTTP ResponseMeaning/work
Status/Response codeIndicates the status of the server for requested resource.
HTTP versionRepresents HTTP version.
Response HeaderConsists of metadata like content length, content type, server length, etc for HTTP response message.
Response BodyRepresents response message content.

Q 20) What is the purpose and format of URI in REST architecture?

Ans: Purpose of URI is to locate resources on the server that are hosting web services.

Format of URI

<protocol>://<service-name>/<ResourceType>/<ResourceID>

Q 21) Explain the term statelessness in terms of RESTful web services?

Ans: In REST architecture, there is a restriction where a REST web service is not allowed to keep a client state on the server. Such condition is known as ‘Statelessness’. In such situation, the client passes its context to the server and in turn, the server stores the context in order to process client’s further requests.

Q 22) Enlist advantages and disadvantages of statelessness?

Ans: The advantages of statelessness include

------------

  • Each and every method requests are treated independently.
  • Application design is simplified as it does not maintain client’s previous interaction.
  • Works with HTTP protocol as it shares the feature of being statelessness.

The disadvantage of statelessness includes

  • Every time client interaction takes place, web services are to be provided with extra information about each request so that they can interpret the client’s state.

Q 23) For designing a secure RESTful web service, what are the best factors that should be followed?

Ans: As HTTP URL paths are used as a part of RESTful web service, so they need to be secured. Some of the best practices include the following

  • Perform validation of all inputs on the server from SQL injection attacks.
  • Perform user’s session based authentication whenever a request is made.
  • Never use sensitive data like username, session token password, etc through URL. These should be passed via POST method.
  • Methods like GET, POST, PUT, DELETE, etc should be executed with proper restrictions.
  • HTTP generic error message should be invoked wherever required.

SOAPUI Web Services

Q 24) Define SOAP web services?

Ans: Simple Object Access Protocol (SOAP) is defined as the XML based protocol which is known for designing and developing web services as well as enabling communication between applications developed on different platforms with different programming languages over the internet. It is both platform and language independent.

Q 25) What are the various approaches available for developing SOAP based web services?

Ans: There are basically 2 different approaches available for developing SOAP-based web services. These are explained as follows

  • Contract-first approach: In this approach, the contract is defined first by XML and WSDL and then java classes are derived from the contract.
  • Contract-last approach: In this approach, java classes are defined first and then the contract is generated which is usually the WSDL file from the java class.

“Contract-first” method is the most preferred approach.

Q 26) Explain the major obstacle faced by SOAP users?

Ans: One of the major hindrance observed by users of SOAP is the ‘Firewall security mechanism’. In this case, all the HTTP ports except those which bypass firewall are locked. In some cases, a technical issue of mixing specification of message transport with message structure is also observed.

Q 27) What are the advantages and disadvantages of SOAP?

Ans: Enlisted below are advantages of SOAP web services

  • SOAP allows communications between various applications and it is both language and platform independent.
  • It is very simple as well as uses standard HTTP protocol and XML for sending and receiving messages.
  • It defines and uses its own security known as WS security.
  • It decouples the encoding and communication protocol from the runtime environment.
  • It eradicates firewall problems and is vendor neutral.
  • It allows circulation of messages in distributed and decentralized environment.

Enlisted below are disadvantages of SOAP web services

  • Lightweight formats other than XML are not supported.
  • Not easily testable on browsers.
  • Security facilities are not present.
  • SOAP is slow and cannot be easily tested on the browser.
  • Web services and clients are tightly coupled and define some standards that are to be strictly followed.

Q 28) What are the elements of a SOAP message?

Ans: SOAP is just like other XML document and has following elements

  • Envelope: This element is defined as the mandatory root element. It translates the XML document and determines the start and end of the SOAP message.
  • Header: This element contains the optional header attributes of the message that contains specific information of the application. This element can occur multiple times and are intended to add new features and functionalities.
  • Body: This element is mandatory and contains the call and response messages. It is also defined as the child element of the envelope containing all the application derived XML data that has been exchanged as a part of SOAP message.
  • Fault element: Errors that occur during processing of the messages are handled by the fault element. If the error is present, then this element appears as a child element of the body. However, there can only be one fault block.

Q 29) What are the important characteristics of SOAP envelope element?

Ans: We have seen the basic work of a SOAP envelope element in the previous answer, now let us see some of its characteristics

  • SOAP envelope is a packaging mechanism.
  • Every Soap message has a mandatory root envelope message.
  • Only one body element is allowed for each envelope element.
  • As the SOAP version changes, envelope changes.
  • If the header element is present, it should appear as the first child.
  • Prefix ENV and envelope element is used for specification.
  • A namespace and an optional encoding style are used in case of optional SOAP encoding.

Q 30) Enlist few syntax rules applicable for SOAP message?

Ans: Enlisted below are some important syntax rules that are applicable for SOAP message

A SOAP message

  • Must be encoded using XML.
  • Must use the SOAP envelope namespace.
  • Must use the SOAP encoding namespace.
  • Must not contain the DTD reference.
  • Must not contain XML processing instructions.

Q 31) Define SOA?

Ans: A Service Oriented Architecture (SOA) is basically defined as an architectural pattern consisting of services. Here application components provide services to the other components using communication protocol over the network. This communication involves data exchanging or some coordination activity between services.

Some of the key principles on which SOA is based are mentioned below

  • The service contract should be standardized containing all the description of the services.
  • There is loose coupling defining the less dependency between the web services and the client.
  • It should follow Service Abstraction rule, which says the service should not expose the way functionality has been executed to the client application.
  • Services should be reusable in order to work with various application types.
  • Services should be stateless having the feature of discoverability.
  • Services break big problems into little problems and allow diverse subscribers to use the services.

Q 32) Explain the actions performed by SOAPUI?

Ans: SOAPUI is an open-source, free and cross-platform functional testing solution. Mentioned below are some actions performed by SOAPUI

  • It can help create functional, security and load testing test suites.
  • Data driven testing and scenario based testing is also performed.
  • It has the ability to impersonate web services as well as has got built-in reporting abilities.

Web Services Security

Q 33) What are the primary security issues of web service?

Ans: To ensure reliable transactions and secure confidential information, web services requires very high level of security which can be only achieved through Entrust Secure Transaction Platform. Security issues for web services are broadly divided into three sections as described below

1) Confidentiality: A single web service can have multiple applications and their service path contains a potential weak link at its nodes. Whenever messages or say XML requests are sent by the client along with the service path to the server, they must be encrypted. Thus, maintaining the confidentiality of the communication is a must.

2) Authentication: Authentication is basically performed to verify the identity of the users as well as ensuring that the user using the web service has the right to use or not? Authentication is also done to track user’s activity. There are several options that can be considered for this purpose

  • Application level authentication
  • HTTP digest and HTTP basic authentication
  • Client certificates

3) Network Security: This is a serious issue which requires tools to filter web service traffic.

Q 34) What do you know about foundation security services?

Ans: Foundation security services consist of the following

  • Integration
  • Authentication
  • Authorization
  • Digital Signatures
  • Encryption processes

Q 35) What is Entrust Identification Service?

Ans: Entrust Identification Service is categorized under Entrust Secure Transaction Platform which provides essential security capabilities to ensure secure transactions. This usually allows companies to fully control the identities that are trusted to perform web service transactions.

Q 36) What is Entrust Entitlements Service?

Ans: Entrust Entitlement service is those whose task is to verify the services that are attempting to access the web services. It basically ensures security in business operations as well as some authentication services.

Q 37) What is Entrust Privacy Service?

Ans: As the name suggests, Entrust Privacy Service perform encryption of the data so that only concerned parties are able to access the data. It basically deals with two factors

  • Confidentiality
  • Security

WSDL Interview Questions

Q 38) Explain WSDL?

Ans: WSDL stands for Web service Description Language. It is a simple XML document which comes under the Service Description layer of Web Service Protocol Stock and describes the technical details or locates the user interface to web service. Few of the important information present in WSDL document are

  • Method name
  • Port types
  • Service end point
  • Method parameters
  • Header information
  • Origin, etc

39) What are the different elements of WSDL documents?

Ans: The different elements of WSDL document along with brief description is enlisted below

  • Types: This defines the message data types, which are in the form of XML schema, used by the web services.
  • Message: This defines the data elements for each operation where messages could be the entire document or an argument that is to be mapped.
  • Port Type: There are multiple services present in WSDL. Port type defines the collection of operations that can be performed for binding.
  • Binding: Determines and defines the protocol and data format for each port type.
  • Operations: This defines the operations performed for a message to process the message.

Q 40) Explain the message element in WSDL?

Ans: Message element describes the data that has been exchanged between the consumer and the web service providers. Every web service consists of two messages and each message has zero or more <part> parameters. The two messages are

  • Input: Describes the parameter for the web service
  • Output: Describes the return data from the web service.

Q 41) Enlist the operation types response used in WSDL?

Ans: WSDL basically defines 4 types of Operation type responses. These are enlisted below

  • One-way: Receives a message but does not return response.
  • Request-Response: Receives a request and return a response.
  • Solicit-Response: Sends a request and wait for a response.
  • Notification: Sends a message but does not wait for a response.

Among these, Request-Response is the most common operation type.

Q 42) Is binding between SOAP and WSDL possible?

Ans: Yes, it is possible to bind WSDL to SOAP. The binding is possible by basically two attributes

  • Name: Defines the name of the binding.
  • Type: Defines the port for the binding.

For SOAP binding, two attributes need to be declared

  • Transport: Defines the SOAP protocol to be used i.e. HTTP.
  • Style: This attribute can be ‘rpc’ or ‘document’.

Q 43) Explain <definition> element?

Ans: Definition element is described as the root of WSDL document which defines the name of the web service as well as act as a container for all the other elements.

Q 44) What are the two attributes of <Port> element in WSDL?

Ans: Every port element is related to a specific binding by defining an individual endpoint. The port element has following two attributes

  • Name: This attribute provides the unique name within the WSDL document.
  • Binding: This attribute refers to the process of binding which has to be performed as per the linking rules defined by WSDL.

Q 45) What are the points that should be considered by ports while binding?

Ans: WSDL allows extensibility elements which are used to specify binding information. Below are few important points that should be kept in consideration while binding.

A port must not

  • Specify more than one address.
  • Specify any binding information other than address information.

Conclusion

This article contains all commonly asked questions on web services. Although the topic is very vast, but I have covered every section. This will help you learning and be answering web services related topics.