Apache CXF Best Practices

Jump to navigation Jump to search

Home of CXF

JAX-RS Security

See setting up a basic service (with security)

Maven Problems

I always face problems with my friend Maven.

The command line sometimes gives you a lot information, so do:

mvn clean; mvn package; unzip -l target/XYZ.war

This shows you also, if all the dependencies are correctly in the WAR file. Remember, that e.g. log4j is already in the Tomcat, so don't package it into the WAR.

The MvnRepository Web Site helps.

Example POM with excludes:

    <!-- Spring LDAP -->
    <!-- Log4j -->

Some explanations of important details:

  • scope = provided tells maven to exclude the dependency from WAR file
  • scope = compile tells maven to include the dependency from WAR file
    • The exclusion list tells, which JARs should not go to the WAR/lib

btw: Spring LDAP

Exceptions: Mapping to HTTP Error Codes

Service Class

public class CustomerRestEndpoint {
    public Response doit() {
	try {
		 ... do business calls
	} catch ( NamingException ne ) {
		throw new IdentiyMgrServerException( "Detailed problem description. ("+ne.getMessage()+")" );
	} catch ( OtherException oe) {
		// ...

This is handled perfectly, if the Exception class looks like this:

 import javax.ws.rs.WebApplicationException;
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
 public class IdentiyMgrServerException extends WebApplicationException {
    public IdentiyMgrServerException( String message ) {
        super( Response.status( Response.Status.INTERNAL_SERVER_ERROR ).entity(message).type( MediaType.TEXT_PLAIN ).build() );

WebApplicationException is a RuntimeException, handled by CFX to generate a HTTP response. Example:

HTTP Response Header
Status Code: 500 Internal Server Error
Connection: close
Content-Length: 10
Content-Type: text/plain
Date: Sun, 20 Oct 2013 15:54:47 GMT
Server: WSO2 Carbon Server
Response Body
Test exception message text.