Hi, We have few external clients requesting their data from the same server using the same endpoint. I would like to configure security using both their and ours private keys as follows: - every client signs their request with their private key, and the server uses the corresponding public key (from keystore) to authorize them and get their principal. - our response is signed with our server private key (from trusted store), and clients use our public key to authenticate the response. I tried to get through WIKI and User Guide, tried jboss-wsse-server.xml configs from there, but there is no example similar to what I need if I did not miss something. How do I configure WS-Security for this scenario? My env: java 6, JBoss 5.0.0CR1, jbossws core 3.02. Clients are .NET if this is important. Thanks. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4170069#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...