Key Roles of Session State: Not against REST Architectural Style

Author

Inoue, Takeru ; Asakura, Hiroshi ; Sato, Hiroshi ; Takahashi, Noriyuki

Author_Institution

NTT Network Innovation Labs., Yokosuka, Japan

fYear

2010

fDate

19-23 July 2010

Firstpage

171

Lastpage

178

Abstract

The modern Web architecture basically follows the Representational State Transfer (REST) style. This style offers the architectural properties necessary to implement the Internet-scale Web. However, most authentication and delegation technologies that rely on session state actually deviate from the REST style. It must be noted, however, that the diversity of these technologies is imperative for the success of the Web. In this paper, we make a detailed analysis of current authentication and delegation technologies including OpenID and OAuth as well as HTML forms and cookies, and find that session state has an important role in terms of the diversity of the technologies. We also clarify that the negative impact of session state on the REST style is rather limited. On the basis of our analysis, this paper introduces the REST Using Session (RESTUS) architectural style, which is an extended REST style for sessions; this style places a session constraint on component interactions and so induces some properties required for the diversity.

Keywords

Internet; authorisation; hypermedia; software architecture; transport protocols; HTML; Internet; OAuth; OpenID; REST architectural style; Web architecture; authentication technology; delegation technology; representational state transfer; session state; Authentication; Context; HTML; Reliability; Scalability; Servers; Web sites; REST; Web; architectural style;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Software and Applications Conference (COMPSAC), 2010 IEEE 34th Annual

Conference_Location

Seoul

ISSN

0730-3157

Print_ISBN

978-1-4244-7512-4

Electronic_ISBN

0730-3157

Type

conf

DOI

10.1109/COMPSAC.2010.64

Filename

5676257