"mikaeljl" wrote : I do not think WSSE UsernameToken authentication is working for POJO endpoints without enabling some form of http level authentication like basic auth? Can you confirm this? | There's the issue of the principal you described in the previous posts. Btw this also is related to what we're discussing here: http://jira.jboss.org/jira/browse/JBWS-1136 anonymous wrote : I will look into converting my pojo endpoints into ejb3 endpoints because that seems to be the easiest solution right now. I guess it is just a matter of adding @Stateless to my pojo class and packaging/deploying the thing as a jar instead of a war... kind of... | Almost yes, I shouldn't be difficult. anonymous wrote : Are there any plans for supporting WSSE UsernameToken based authentication for POJO endpoints (without the requirement of any additional http level authentication? | I don't have a reliable answer for this, sorry. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4121793#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...