Yes, providing jaxws handlers for calling the STS is probably the easiest way here. I think the issue Anil's referring too is that "basic" security configuration (enc/dec and sign) is different from stack to stack, because of the different ws-security implementations, hence the need for having 3 different handlers. Don't know if this can be covered in the existing WSTrustClient, in that case we might probably have a single jaxws handler (and that might even be part of the jbossws-framework project). View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4256327#... Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...