Home About Courses Schedule Services Webinars Contact Search

Core Web Services for J2EE Developers


Duration: 3.0 days

Method: Instructor led, Hands-on workshops

Price: $1800.00

Course Code: JA1600


This is an introductory to intermediate level training course, designed for experienced Java developers and architects who need to identify, design, and implement web services. We will explore and apply the terminology, the specification, the processes and technologies specific to web services.


Geared for experienced developers, Core Web Services for J2EE Developers is a three day, lab-intensive course that introduces developers to the core standards that enable Web Services. This course focuses on what separates an ad hoc set of web services (NOT SOA) from a managed, vibrant, reusable catalog of enterprise services (definitely SOA). It provides an overview of the entire spectrum from the promise of cloud computing to the grit of XML content.

It provides them hands-on experience with implementations of the Java XML and Web Service APIs including JAXP, JAXB, JAX-WS, WSEE, and XWSS. In terms of Java, the focus is on using the JAX-WS and JAXB APIs and implementations as the basic for generating and deploying web services and service clients.

SOA and Web Services represent a groundbreaking evolution in distributed computing. The concepts are not altogether new, but the application of them, and the unanimous acceptance of core standards like HTTP, XML, SOAP, WSDL, and the various WS-* policies, has paved the way for XML Web Services and service-oriented architectures. An overreaching concern related to services is security. Various aspects of security are woven into this course, allowing students to see the entire spectrum of issues as well as solutions. These include encryption, digital signatures, authentication and authorization assertions, and recognized application security issues such as Cross-Site Scripting and Injection attacks.


Upon successful completion of this course, the student will be able to:

  • Understand and apply the basic concepts of SOA to the identification and design of web services
  • Understand and intelligently discuss Web Services and the core technologies involved
  • Understand and apply the basic concepts of SOA to the identification and design of web services
  • Appreciate the concept of layered services including orchestration
  • Understand and intelligently discuss Web Services and the core technologies involved
  • Design, develop, and deploy real-world J2EE Web Services
  • Expose existing Java components as XML Web Services
  • Write Java components that access remote Web Services hosted by a third party
  • Read and understand a WSDL document
  • Parse, process, and respond to a SOAP message
  • Understand the concepts behind REST and implement a REST-based web service
  • Implement handlers to inject cross-cutting solutions for security, logging, auditing, and other needs
  • Work with WS-Security to protect content, resources, and other assets


Students should have 1-2 years of working knowledge with Servlets and JSPs, and should be familiar with XML, Namespaces, and XML Schema.


  1. Web Services Overview
    • Crossing Boundaries
    • What are Web Services?
    • Six Key Components
    • Web Services Characteristics
    • Web Services Architecturally
    • Technology Comparison
    • Architectural Perspective
    • Web Services Enable Decoupling
    • Many Web Services Challenges
    • Secure Services
    • Spec and Standard Evolution
    • Web Services Interoperability Organization
    • WS-I Has Many Deliverables
    • Basic Profile 1.0 Consists of:
    • Has > 100 Requirements and Suggestions
    • .NET Platform & .NET Web Services
    • Java and Web Services
    • Exercise: Web Services in Action
  2. Web Services, Java, and J2EE
    • XML and Java APIs at a Glance
    • XML Signature
    • XML Digital Signatures
    • XML Encryption
    • JAXP
    • JAXB
    • JAX-WS
    • SAAJ
    • JAX-WSA and XWSS
    • Web Services APIs
    • Web Services for J2EE (JSR109)
    • J2EE and Web Services
    • Web Services Metadata
    • Web Services Stacks at a Glance
    • WSIT
    • Apache Axis2
    • JBossWS
    • JWSDP
    • WebSphere WS
    • Spring-WS
    • Key Features
  3. Web Services Quickstart
    • What is WSIT?
    • WSIT Tool Support
    • How is WSIT Used?
    • Web Service Development with WSIT
    • Debugging Web Services
    • TCP/IP Monitors Provide View of Wire
    • Exercise: Implementing a Web Service
    • Exercise: Debugging Web Services
  4. XML, Namespaces, & Schema
    • What is XML?
    • XML Can Provide Application-Specific Information
    • Content: XML Document Syntax Rules
    • Structure: A Document Type Definition
    • XML Transformation to HTML
    • XML Separates Structure, Content and Format
    • TriveraTunes Purchase Order
    • Content as MarkUp
    • Tell Parser That Text is Data
    • Use Predefined Entities
    • Well-Formed and Valid XML Documents
    • Why Are These Definitions Important?
    • XML Namespaces
    • Name Collision – Example
    • Inter-Organization Name Collisions
    • W3C’s Solution: Namespaces
    • Uniform Resource Indicator
    • Declaring a Namespace
    • Namespace Scope
    • Parsers Use URI, Not the Alias
    • Default Namespace
    • Attributes and Namespaces
    • Example of Namespaces
    • Namespaces Best Practices
    • Benefits From Valid XML
    • W3C XML Schemas
    • Impacts of Schemas
    • General Form of an XML Schema
    • Elements, Attributes, and Types
    • Simple Schema and XML Document
    • Element Definitions
    • Corresponding XML Schema
    • Simple Types - Primitive Datatypes
    • Restricting Simple Types: Facets
    • Complex Types Bring More to Validation
    • Repetition Control
    • Restricting Simple Types
    • Complex Types Can be Derived
    • Derivation by Extension
    • Extension of Phone Number
    • Associating Schemas with XML Instances
    • Using XML Schema with Namespaces
    • Namespaces Provide Thread of Connection
    • Schema Defines a Target Namespace
    • XML Doc Uses Schema-Defined Namespace
    • schemaLocation Links Namespace to Location
    • Relating Schemas to XML
    • Exercise: Namespaces and Schemas
  5. XML in Java - JAXP and JAXB
    • XML Parsers Are Complex and Powerful
    • Parsers Are Integral to XML Processing
    • Parsers and API’s
    • Parser Generates DOM, Then Hands to App
    • Parsing With a DTD or Schema
    • Many Options to Consider
    • XML and Java
    • Security Concerns Relative to Parsing
    • Bridging Application Data and XML
    • JAXP: Java API for XML Processing
    • JAXP and Transformations
    • Challenges to Mapping XML
    • Generating XML is Nondeterministic
    • JAXB: Binding XML to Java
    • JAXB 2.0 Incorporated Changes
    • JAXB 2.0 and Java Versions
    • Defining the Rules in JAXB
    • Turning Rules into Java Classes
    • Using the Generated Classes
    • Creating Content
    • Some JAXB Type Bindings
    • XML Schema for List of Items
    • Corresponding Class Interface
    • A Word About Validation…
    • Exercise: Working With JAXB
  6. SOAP Overview
    • SOAP in a Nutshell
    • Anatomy of a SOAP Message
    • SOAP and HTTP
    • A Typical Scenario
    • What is SOAP?
    • SOAP Specification Provides:
    • Why do I need SOAP?
    • Simple Scenario
    • Less Simple Scenario
    • Uses of SOAP
    • A Simple Example...
    • Remote Procedure Calls
    • Example of SOAP RPC Call
    • Example of Response
    • Exercise: SOAP in Action
  7. SOAP in Detail
    • Protocols Used With Web Services
    • Request and Response Example
    • The SOAP Envelope
    • SOAP Header
    • SOAP Body
    • SOAP Request/Response Example
    • SOAP Defines a Fault Element
    • SOAP Data Model
    • Example Using XSD Data Type
    • SOAP Styles and Modes
    • SOAP With Attachments
    • SOAP Messaging
    • Endpoint Behavior
    • SOAP Encoding Styles
    • SOAP 1.1 vs. SOAP 1.2
    • What is SAAJ?
    • Understanding SAAJ
    • SOAPElement
    • SOAPElement Methods
    • SOAPMessage
    • SOAPPart
    • SOAPEnvelope
    • SOAPBody
    • SOAPBodyElement
    • SOAPHeaderElement
    • SOAPHeaderElement Methods
    • SOAPFault
    • Connections
    • Security Concerns Relative to SOAP
    • Exercise: Creating a SOAP Message
    • Exercise: Accessing a Service with a Servlet
  8. REST
    • Representational State Transfer
    • REST Characteristics
    • REST Elements
    • REST in Web Service Terms
    • REST: Another Option for Binding
    • Characterizing REST
    • REST Example
    • REST Design Principles
    • REST/SOAP Comparison
    • SOAP vs. REST
    • RESTing in Java
    • Security Concerns Relative to REST
    • Exercise: Working With REST (Optional)
  9. WSDL
    • Describing Web Services
    • WSDL in Practice
    • WSDL Extensibility
    • WSDL/SOAP Namespaces
    • WSDL Elements
    • WSDL Anatomy
    • <definitions> element
    • <documentation> element
    • <types> element
    • <portType> and <operation>
    • <binding> element
    • <port> and <service> elements
    • Looking Ahead – WSDL 2.0
    • Exercise: WSDL in Action
  10. JAX-WS Overview
    • JAX-WS
    • JAX-WS Introduction
    • JAX-WS Architecture
    • JAX-WS vs RMI
    • What about JAX-RPC?
    • JAX-WS Under the Hood
    • JAX-WS Basics
    • JAX-WS Features
    • Web Service Annotation Examples
    • JAX-WS Programming Model
    • JAX-WS Handlers
  11. Working with JAX-WS
    • JAX-WS Service
    • JAX-WS Development Process
    • Bottom-up Building of a Web Service
    • Top-Down Building of a Web Service
    • Exercise: WSDL-Generated Service
    • JAX-WS Client
    • Types of JAX-WS Clients
    • JAX-WS Basic Client Operations
    • Static Web Service Client
    • Dynamic JAX-WS Client
    • DII JAX-WS Client
    • SOAP Handlers
    • Handlers Applied Via Declaration
    • Exercise: WSDL-Generated Client
  12. Web Services for J2EE (WSEE)
    • WSEE & WSEE Server Programming Model
    • Server Programming Model
    • Servlets as Web Services
    • EJBs as Web Services
    • Routing SOAP requests to an EJB
    • WSDD
    • WSDD Example
    • WSEE Client Programming Model
    • Client Programming Model
    • Types of WSEE Clients
    • WSEE Basic Client Operations
    • Static WSEE Client
    • Dynamic WSEE Client
    • DII WSEE Client
    • WSEE Client Packaging
  13. Handlers
    • Handlers: The Basics
    • WSEE and Handlers
    • Handler Life Cycle
    • Applying Handlers
    • Handler Interface and Implementation
    • SOAPMessageContext
    • Example of Handler Class
    • Configuring Handlers
    • Web Service Handler Configuration
    • Using Handlers for Security
    • Exercise: Handlers in Action
  14. Discovery Overview
    • Discovery Options
    • What is UDDI?
    • UDDI Background
    • Interacting With UDDI
    • What is WSIL?
    • What is WS-Discovery?
    • Exercise: Discovery in Action
  15. XML Signature and Encryption
    • Cryptography Addresses Many Aspects of Security
    • Common Solutions to Big Three
    • XML Challenges
    • XML Signature
    • XML Digital Signatures
    • XML Signature Usage
    • Standard For Digital Signature
    • XML Encryption
    • XML Encryption Usage
    • XML Encryption Protects Data
  16. WS-Security
    • Securing a Web service
    • Web Service Security Exposures
    • Transport-Level Security
    • Secure Sockets Layer (SSL)
    • SSL In Action
    • When to Use Transport-Level Security
    • Message-Level Security
    • Web Services Security Roadmap
    • WS-Security Enables Interoperability
    • Security Tokens; Example of Security Token
    • Message Authentication
    • XML Signature and Encryption
    • Picture is Evolving
    • What is XWSS?
    • XWSS Provides Many Functions
    • Exercise: XWSS in Action
  17. Securing Untrusted Input
    • Input Data Attacks
    • Protecting a Web Service
    • Tenacious D
    • Defending a Web Service
    • Responding to Error State
    • Best Practices for Untrusted Data
    • Defenses to Consider
    • Additional Types of Attacks
    • Exercise: Insecure Web Services