Hi, after digging into jbossws-cxf source code, jboss source code; debugging like crazy; hacking in general; i got to understand what needs to be done for this to work. i am on an hurry to enjoy the weekend so i will come back with a full description in the meantime. just giving the word out so no one spends more time than i did with this. thanks.

Basically these are the steps to make this work:

1. move the spring application context file (in the example applicationContext.xml) into WEB-INF\jbossws-cxf.xml;
2. the jbossws-cxf.xml must not contain relative <import> to other files because it is loaded from an InputStream inside cxf and it causes an exception;
3. CXFServlet does not need to be defined in web.xml;
4. <listener> org.springframework.web.context.ContextLoaderListener defined in web.xml is not required -- only if you are doing something with Spring context elsewhere;
5. do not include cxf <import> in jbossws-cxf.xml (like <import resource="classpath:META-INF/cxf/cxf.xml" />), if you do you will get exceptions complaining about endpoints not being defined in jbossws-cxf.xml;
6. do not include <cxf:bus> in jbossws-cxf.xml, if you do you will get exceptions complaining about endpoints not being defined in jbossws-cxf.xml;
7. a previous workaround (around an NPE in the web services implementation) is no longer required -- you can safely remove extends SpringBeanAutowiringSupport, @AutoWired and @PostConstruct from the webservices implementation
8. wss4j 1.6 has changed the logic for password callback processing, instead of validating the password (provided by the calling code) it must provide as result the password for comparison

Here is the revised WEB-INF\jbossws-cxf.xml that works:

<?xml version="1.0" encoding="UTF-8"?>

<beans xmlns="http://www.springframework.org/schema/beans"

       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:cxf="http://cxf.apache.org/core"

       xmlns:jaxws="http://cxf.apache.org/jaxws" xmlns:soap="http://cxf.apache.org/bindings/soap"

       xsi:schemaLocation="http://cxf.apache.org/core http://cxf.apache.org/schemas/core.xsd

                           http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd

                           http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd

                           http://cxf.apache.org/bindings/soap http://cxf.apache.org/schemas/configuration/soap.xsd">

  <bean id="helloWorldImpl" class="com.jorge.test.hello.webservices.HelloWorldImpl">

  </bean>

  <jaxws:endpoint id="hello"

                  implementorClass="com.jorge.test.hello.webservices.HelloWorldImpl"

                  implementor="#helloWorldImpl"

                  address="/hello">

    <jaxws:binding>

      <soap:soapBinding version="1.2" />

    </jaxws:binding>

    <jaxws:inInterceptors>

      <ref bean="busInInterceptor" />

      <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />

      <ref bean="wss4jInConfiguration" />

    </jaxws:inInterceptors>

    <jaxws:properties>

      <entry key="schema-validation-enabled" value="true" />

      <entry key="mtom-enabled" value="true" />

    </jaxws:properties>

  </jaxws:endpoint>

  <bean id="wss4jInConfiguration"

        class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">

    <property name="properties">

      <map>

        <entry key="action" value="UsernameToken" />

        <entry key="passwordType" value="PasswordText" />

        <entry key="passwordCallbackRef">

          <ref bean="serverPasswordCallback" />

        </entry>

      </map>

    </property>

  </bean>

  <bean id="serverPasswordCallback" class="com.jorge.test.hello.security.ServerPasswordCallback">

  </bean>

</beans>

A working (revised) example is in attach.

Example SOAP request:

<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:web="http://webservices.hello.test.jorge.com/">

   <soap:Header>

  <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soap:mustUnderstand="1">

  <wsse:UsernameToken xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="UsernameToken-1234567890">

  <wsse:Username xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">11</wsse:Username>

  <wsse:Password xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">p</wsse:Password>

  </wsse:UsernameToken>

  </wsse:Security>

   </soap:Header>

   <soap:Body>

      <web:sayHello>

         <user>test</user>

      </web:sayHello>

   </soap:Body>

</soap:Envelope>

Example SOAP response:

<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope">

   <soap:Body>

      <ns2:sayHelloResponse xmlns:ns2="http://webservices.hello.test.jorge.com/">

         <return>hello world test</return>

      </ns2:sayHelloResponse>

   </soap:Body>

</soap:Envelope>

If this has helped you in anyway, I would love to hear from you.

Yap. This was in fact a migration issue. What got me wondering was the fact that, apparently, everything was working but not the interceptors. Now, looking back, I probably guess that JBoss was introspecting the classes and the jax-ws annotations and the stuff on the OLD configuration beans was simply put into a in-memory only bus + endpoints. My guess, tough. Furthermore, I hope you get to write those FAQ/tutorial/other because I have not found so much information on the correct jboss way of developing web services (with CXF I mean) on JBoss 7.