Below is the copy paste from ThreadLocalAssociation.java: //This removes a custom callback security handler that might have | //been set if using UsernameTokenProfile with digest; doing this | //here won't be required anymore once our custom security manager | //will be used in our wsse implementation. | CallbackHandlerPolicyContextHandler.setCallbackHandler(null); | Is this ugly hack still necessary Alessio? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4187671#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a... _______________________________________________ jbossws-dev mailing list jbossws-dev(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/jbossws-dev