Hi Alessio, thanks for your comments! anonymous wrote : Don't know if this can be covered in the existing WSTrustClient, in that case we might probably have a single jaxws handler (and that might even be part of the jbossws-framework project). I'll take a look at what's supported in the WSTrustClient. Currently we only extract the SAML Assertion and pass it along to WSTrustClient which in turn calls JBossSTS. JBossSTS can be configured to sign the SAML tokens that it has issued and check this when when it is validating the token. At the moment we thought of adding this to the identity project but I'll let Anil and Jeff comment on this. At least at this stage this makes sense I think as this is specific to the WSTrustClient. Regards, /Daniel View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4256333#... Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...