Hands-on CXF Web Services Training

Learn Apache CXF web services development with training from an expert in the field who is also a CXF committer. Apache CXF builds on the JAXB, JAX-WS, and JAX-RS standards, but supports many added features for usability and versatility. This training covers everything from the basics of REST and SOAP web services on CXF to the darkest reaches of WS-Security and related extension technologies, with options for in-depth coverage of web service design, XML schema usage, and more.

Your team will learn how to use CXF for both direct execution and deployment to web servers such as Apache Tomcat (or optionally, to an OSGi container). In-class assignments are supplied with both Maven console builds and Eclipse project files, and Eclipse is used for coding demonstrations. Optimum class size is 6-12 developers, though somewhat larger numbers can be accommodated with pair programming.

The basic CXF introduction that covers using CXF for both REST and SOAP web services, with a range of configuration and deployment options, can be delivered in 2 days time. Coverage of advanced features such as WS-Security and related standards, WS-ReliableMessaging, Apache Camel integration, and XML schema design take the class up to 4 days or more, depending on the options chosen. You can also combine the CXF training with the full Web Services Security material, rather than the abbreviated version shown in the outline below.

Course Objectives

  • Learn to work with JAXB, JAX-RS, and JAX-WS for web services in Java
  • Understand how CXF processes JSON and XML messages
  • Understand the pros and cons of REST vs. SOAP web services
  • Learn how to configure and monitor CXF operation, both directly and using Spring
  • Understand the structure and role of WSDL, WADL, and XML schema in web services
  • Understand and know how to apply security in web services
  • Get practical experience in applying all this to real web service projects

Attainment of course objectives is measured by performance on in-class assignments and snap quizes for each module. Certificates of completion are available for attendees who demonstrate their grasp of the material and ability to apply it to practical problems.

Course Prerequisites

  • Intermediate Java programming experience
  • Basic knowledge of XML and HTTP (can be covered in more depth in class if appropriate)

Core Course Outline

Part I - Getting started

  1. Web services in a SOA world
  2. XML and JSON data exchange
  3. XML Schema basics
  4. JAXB to and from schema
  5. Schema limitations and concerns


  1. Specifying data for exchange
  2. Working with JAXB code generation

Part II - CXF REST web services

  1. Principles of REST
  2. JAX-RS client and server in CXF
  3. Deploying and controlling CXF service
  4. JSON vs. XML data exchange
  5. Monitoring and debugging message exchanges
  6. CXF interceptor architecture and configuration
  7. Added CXF extensions for REST
  8. REST pros and cons


  1. REST client and server implementation
  2. Monitoring and debugging client and server
  3. Defining and using REST exceptions

Part III - CXF SOAP web services

  1. SOAP message structure
  2. WSDL structure and usage
  3. JAX-WS client and server in CXF
  4. Understanding CXF message flows
  5. WS-Addressing purpose and usage
  6. SOAP pros and cons


  1. SOAP client and server implementation
  2. Adding Fault handling to implementation
  3. Adding WS-Addressing to message exchanges

Part IV - Starting from existing code (optional)

  1. Using JAXB and JAX-WS standard annotations
  2. Jibx2Wsdl usage:
    1. Operation and features
    2. Customizations structure
    3. Building clean WSDL+schema from code
  3. Issues with code-first approach


  1. Generating WSDL and schema from JAXB/JAX-WS annotations
  2. Jibx2Wsdl service creation
  3. Customizing Jibx2Wsdl generation
  4. Implementing CXF JAXB/JAX-WS service and client

Part V - CXF architecture

  1. Understanding the Bus
  2. Using and implementing interceptors
  3. Transport configuration and usage
  4. Asynchronous SOAP services
  5. SOAP extension technologies in CXF


  1. Implementing and using a custom interceptor
  2. Configuring HTTP/HTTPS transport options
  3. Implementing asynchronous client operation

Part VI - Dealing with performance

  1. REST vs. SOAP performance
  2. Structuring operations and XML for performance:
    1. Reducing the number of message exchanges
    2. Reducing message sizes
    3. Using attachments for large data items


  1. Restructuring service and XML for performance
  2. Adding attachment support to client and server

Part VII - Securing web services (basic version - see Web Services Security)

  1. Understanding keys and certificates
  2. SSL for point-to-point security
  3. WS-Security:
    1. Basis in XML encryption and signature
    2. Understanding WS-Policy and WS-SecurityPolicy
    3. Implementing common options
  4. Performance costs of security
  5. Choosing appropriate security


  1. Implementing transport security on server
  2. Passing client identification to server (UsernameToken)
  3. Enabling WS-Security message signing and encryption

Part VIII - Advanced stack features

  1. OSGi service deployment
  2. Apache Camel integration for message routing and mediation:
    1. Routing requests to CXF service
    2. JMS transport through Camel
    3. Implementing extended processing
  3. WS-ReliableMessaging:
    1. WS-ReliableMessaging principles
    2. Configuring and using WS-ReliableMessaging


  1. Deploying services to OSGi
  2. Routing requests using Camel
  3. WS-ReliableMessaging client implementation