Alessio,
I have the same problem and use the same code on my client:
Map<String, Object> ctx = ((BindingProvider) port).getRequestContext();
ctx.put("ws-security.username", userName);
ctx.put("ws-security.password", password)
Which by the way is the code provided as example from JBoss and CXF documentation you provided. They state that setting those properties should be enough for a client to send WS-Security UsernameToken headers. But they don't. And I can't find on the docs what else to do.
On google I find lots of posts telling to develop and install my own SOAP handler, but I expected CXF or JBoss AS should have those ready for use, it should be a simple matter of configuring System Properties somwhere.