"helmutdoe" wrote : The <wsse:Security> missing occurs if i remove the followin line on my code. | | ((StubExt) ksb).setConfigName("Standard WSSecurity Client"); | | | | And this is traceable to me because then the client application do not know how he should configure the SecurityHandlers. Yes, without that the client doesn't even know that ws-security is to be used. anonymous wrote : | | ((StubExt) ksb).setSecurityConfig("META-INF/jboss-wsse-client.xml"); | | | | I have a problem on understanding how the client side gets this xml. Since Webservices have to be interoperable only the wsdl should be public. Of course it is not public, it's client side specific since it contains the location to the client keystores, etc. The jbossws code will look for the specified location the client application jar. Please note you can also provide absolute path to point to an external file. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4161457#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...