Here are some code snippets from JBoss code. I am not sure if you already loked at this. If not you can use eclipse debugger to see what is coming in the parameters. I am assuming the header is null. I might be wrong. Try it out. WSSecurityDispatcher.java | | public static void handleInbound(CommonMessageContext ctx) throws SOAPException, SOAPFaultException | { | WSSecurityConfiguration config = getSecurityConfig(ctx); | SOAPMessageImpl soapMessage = (SOAPMessageImpl)ctx.getSOAPMessage(); | | SOAPHeader soapHeader = soapMessage.getSOAPHeader(); QName secQName = new QName(Constants.WSSE_NS, "Security"); | Element secHeaderElement = Util.findElement(soapHeader, secQName); | | | | | Util.java | | public static Element findElement(Element root, QName name) | { | // Here lies your standard recusive DFS..... | if (matchNode(root, name)) | return root; | | | | public static boolean matchNode(Node node, QName name, boolean local) | { | return equalStrings(node.getLocalName(), name.getLocalPart()) | && (local || equalStrings(node.getNamespaceURI(), name.getNamespaceURI())); | } | View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4142363#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...