Web Service

A web service is a server-side program that provides functionality that can be invoked and used at the programming level (interoperable architecture).

Last updated 7 months ago

Was this helpful?

Web Service

A web service is a server-side program that provides functionality that can be invoked and used at the programming level (interoperable architecture).

Remote Procedure Call (RPC) protocol that uses XML (usually over HTTP) to invoke functionality. Composed of <methodCall>, <methodName> and <params>.

<!-- Content-Type: text/xml -->

<methodCall>
    <methodName>examples.getValue</methodName>
    <params>
       <param>
 	  <value>RandomValue</value>
       </param>
    </params>
 </methodCall>

Remote Procedure Call (RPC) protocol using JSON. Composed of method, params, id.

// Content-Type: application/json-rpc

{"method": "sum", "params": {"a":3, "b":4}, "id":0}

Simple Object Access Protocol. Messaging protocol that uses XML and provides more functionality than XML-RPC. Composed of <soap:Envelope>, <soap:Header>, <soap:Body> and <soap:Fault>. Of which only Envelope and Body are mandatory.

(Web Services Definition Language) SOAP can optionally also provide a WSDL declaration that specifies how services can be used. Look for them with ?.wsdl, .wsdl, ?.disk, .disk or on : directory service for Public Web Service.

<!-- 
Content-Type: text/xml; charset = utf-8
[ SOAPAction: "OperationName" ] 
-->

<?xml version="1.0"?> 
<soap:Envelope
 xmlns:soap="http://www.w3.org/2003/05/soap-envelope/"
 soap:encodingStyle="http://www.w3.org/2003/05/soap-encoding">
   <soap:Header> ... </soap:Header>
   <soap:Body> 
        ... 
       <soap:Fault> ... </soap:Fault>
   </soap:Body>
</soap:Envelope>

Representational State Transfer. It usually uses XML or JSON and relies on sets or principles to build a Web service. RESTful APIs are usually based on HTTP verbs to determine the actions to be taken.

POST /api/2.2/auth/signin HTTP/1.1

<!-- Content-Type:text/xml -->
<tsRequest>
  <credentials name="A" password="B"> … </credentials>
</tsRequest>

// Content-Type:application/json
{ "credentials": 
    { "name": "A", "password": "B",  …  }
}

Use Wsdler extension of BurpSuite.

Last updated 7 months ago

Was this helpful?