User guide
Web Services, CLI Scripting and OpenFlow Web Services Overview
OmniSwitch AOS Release 7 Switch Management Guide March 2015 page 11-3
• Names Resources: all resources are named using a Uniform Resource Identifier (URI). Their location
is defined using a complete URL. No URL is to be manually recreated client-side based on previous
assumptions. All URLs are assumed to be canonical.
• Uniform Interface: all resources can be thought of as nouns: as hinted before, both state representation
and functionality are expected to be represented using nouns; and accessed using a minimal set of
verbs: GET, POST, PUT, and DELETE.
• Media Types: These are to be used to identify the type of resources being dealt with.
REST Verbs
As described earlier, only a small set of verbs are be used. They are:
• GET: To retrieve information. It is a rough equivalent to SNMP/MIP GET but also, at a higher level, a
SHOW command. This is exclusively for read-only, side-effect free commands.
• PUT: To create new information. For instance, a new VLAN. This is a write operation.
• POST: The same action used when submitting web forms is used, in a Web Service context, to update
existing information.
• DELETE: To delete information. This verb is used to delete resources.
Unsupported verbs will cause the Producer to return an error diagnostic such as '405 Method Not Allowed'
Web Service routing
The producer (server-side) is implemented by piggybacking on top of the existing Webview architecture.
WebView continues to provide web pages as usual. However, when a certain URL is requested ("Web
Service Endpoint"), information is interpreted and delivered using alternative formats such as JSON or
simple XML, rather than HTML pages or HTML forms.
Security
Security is maintained through the use of backend sessions and frontend cookies which is the same as
current HTTP security for thin clients.
• Authentication - Adheres to a web-service model, through its own REST domain and use of the GET
verb.
• Authorization - Follows the usual authorization mechanism already in use in WebView, where
WebView checks with Partition Manager what permission families a user belongs to, thus specifying
which MIB tables are accessible to that user.
• Encryption - Follows the same model as WebView: if unencrypted access ("HTTP") is allowed, then
the Web Service is allowed over the same transport. Similarly, if listening HTTP/HTTPS ports are
changed, the Web Service will be available through those ports.
AOS REST Implementation
All requests are performed through a URL being in accordance with the principles of REST. The following ele-
ments are used to build the REST URL:
Protocol - The protocol can be 'http' which defaults to port 80, or 'https' which defaults to port 443.