SOAP (Simple Object Access Protocol) and REST (Representation State Transfer) both are beautiful in their own way. So I am not comparing them, instead, I am trying to depict the picture, when I preferred to use REST and when SOAP.
What is payload?
When data is sent over the Internet, each unit transmitted includes both header information and the actual data being sent. The header identifies the source and destination of the packet, while the actual data is referred to as the payload. In general, payload is the data that is carried on behalf of an application and the data received by the destination system.
Now for example I have to send a Telegram and we all know that the cost of the telegram will depend on number of words.
So tell me among below mentioned these two messages, which one is cheaper to send?
I know your answer will be second one although both representing the same message second one is cheaper in terms of cost.
So I am trying to say that, sending data over the network in Json format is cheaper than sending it in Xml format in terms of payload.
Here is the first benefit or advantages of REST over SOAP. SOAP only support XML, but REST supports different format like text, JSON, XML etc. And we already know, if we use Json then definitely we will be in better place in terms of payload.
Now, SOAP supports only XML, but it also has its own advantages.
SOAP relies on XML in three ways Envelope – that defines what is in the message and how to process it.
A set of encoding rules for data types, and finally the layout of the procedure calls and responses gathered.
This envelope is sent via a transport (HTTP/HTTPS), and an RPC (Remote Procedure Call) is executed and the envelope is returned with information in a XML formatted document.
Here important point is that one of the advantages of SOAP is the use of the “generic” transport but REST uses HTTP/HTTPS. SOAP can use almost any transport to send the request but REST cannot. So here we got an advantage of using SOAP.
As I already mentioned in above paragraph “REST uses HTTP/HTTPS”, so go bit deeper on these words.
When we are talking about REST over HTTP, all security measures applied HTTP are inherited and this is known as transport level security and it secures messages only while it is inside the wire but once you delivered it on the other side you don’t really know how many stages it will have to go through before reaching the real point where the data will be processed. And of course all those stages could use something different than HTTP.So Rest is not safer completely, right?
But SOAP supports SSL just like REST additionally it also supports WS-Security which adds some enterprise security features. WS-Security offers protection from the creation of the message to it’s consumption. So for transport level security whatever loophole we found that can be prevented using WS-Security.
Apart from that, as REST is limited by it's HTTP protocol so it’s transaction support is neither ACID compliant nor can provide two phase commit across distributed transnational resources.
But SOAP has comprehensive support for both ACID based transaction management for short-lived transactions and compensation based transaction management for long-running transactions. It also supports two-phase commit across distributed resources.
I am not drawing any conclusion, but I will definitely prefer SOAP based web service while security, transaction etc are the main concerns.
Here is the "The Java EE 6 Tutorial" where they have said A RESTful design may be appropriate when the following conditions are met. Have a look.
Hope you enjoyed reading my answer.