Hello davideling, Thanks for your reply, My annotations on my service implementation are: | @BindingType(javax.xml.ws.soap.SOAPBinding.SOAP11HTTP_MTOM_BINDING) | @SOAPBinding(style = SOAPBinding.Style.DOCUMENT, parameterStyle = SOAPBinding.ParameterStyle.BARE) | @EndpointConfig(configName = "Standard WSSecurity Endpoint") | as suggested in http://jbws.dyndns.org/mediawiki/index.php/JAX-WS_User_Guide#MTOM.2FXOP. If I try your annotations (without @SOAPBinding) I have the same exception: | javax.xml.ws.soap.SOAPFaultException: Endpoint {http://foo.org/mtom}ServiceImpl does not contain | operation meta data for: {http://www.w3.org/2001/04/xmlenc#}EncryptedData | Now, the weird part: If I disable ws security on the client part, it works (even if on the server side I have @EndpointConfig(configName = "Standard WSSecurity Endpoint")). As I said on my first post, when I activate mtom and ws-security, it seems that only mtom works, so if my client send an encrypted soap message, the server will not know how to handle it and will throws the exception. You said, you've got the attachment inlined. I don't know what a soap message looks like using mtom + ws security, but mtom is supposed to use multi parts isn't it? So, are you sure that ws security has not disable mtom? Well, maybe I need to dig more information :oD. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4056930#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...