"vdurbha" wrote : But the server side endpoint still does not work if I use @HandlerChain annotation instead of @EndpointConfig to set the security handler. After digging into the source code of JBossWS and the log files for a few hours, I understood that for the WS-Security handler to work correctly, it has to be configured as a POST Handler type. When I used @HandlerChain annotation, it is configured as ENDPOINT Handler type. I was not able to find anyway to specify the type of handler in a standard way. You're right, you can't configure POST handlers using the standard descriptor. This is a limitation of the native stack; in the case of ws-addresing configuration you can use the standard @Addressing annotation, but there's no similar standard annotation for ws-security. Do you have multiple handlers? Never tried, but I though ws-addresing native impl could work even with ENDPOINT handlers if they're in the right position in the chain and there aren't other handlers in POST (decryption needs to happen first, encryption needs to happen last) View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4221662#... Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...