I working with NTLM in a different scenario, and it seems that NTLM doesn't work when chunking is used by the client. Do a sniff on your traffic to see what is going on. If you have the appropriate jbossws version you can turn chunking off (http://www.jboss.org/community/wiki/JBossWS-NativeUserGuide#Chunked_encod...). if You are using 3.2.0 I'm curious as to your results (i am using an older version and still searching for a way to disable chunking). see my thread at http://www.jboss.org/index.html?module=bb&op=viewtopic&t=160737 for a bigger explanation of my findings. When the client is using chunking, it seems like the jvm doesn't recognize the 401 that is returned from the server before it sends the first chunk and thus never calls our custom authenticators. When chunking is not used, the client sends its whole request at once and then waits for the response (which is a 401) that triggers the authentication sequence. That's my theory anyway. GL View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4253152#... Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...