hi romano,
i think that there is something different with the logic of handling the hash on the jboss server side, when i examine the corresponding source code,
i see that the BASE64 encoded nonce value is used for creation of hash to match the one sent by client.But the standart document says that; use the "nonce" not the "BASE64 encoded nonce" when creating password digest.
Also the jbossws clients creates the password digest with BASE64 encoded nonce, as a result there is no crash when there is jbossws-server/jbossws-client; because other type of clients do not digest password with BASE64 encoded nonce, they always crash.