Hi! Sorry for the the delay... I've tried the new username token support now and it seams to work fine. Build info: Version: jbossws-native-3.0.6-SNAPSHOT Build: 200901151503 Example of SOAP request: | POST /lab_1_wsdl_first/HelloService HTTP/1.1 | SOAPAction: "" | Content-Type: text/xml; charset=UTF-8 | JBoss-Remoting-Version: 22 | User-Agent: JBossRemoting - 2.2.2.SP8 | Host: localhost:8080 | Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2 | Connection: keep-alive | Transfer-Encoding: chunked | | <env:Envelope xmlns:env='http://schemas.xmlsoap.org/soap/envelope/'><env:... env:mustUnderstand='1' xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-w... xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-ws... wsu:Id='timestamp'><wsu:Created>2009-01-26T14:36:28.871Z</wsu:Created><wsu:Expires>2009-01-26T14:41:28.871Z</wsu:Expires></wsu:Timestamp><wsse:UsernameToken wsu:Id='token-1-1232980588873-16780239'><wsse:Username>someuser</wsse:Username><wsse:Password Type='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-usernam... xmlns:ns1="http://www.redpill.se/training/ws/hello/HelloService"><helloMessage>Lab1Client</helloMessage></ns1:HelloData></env:Body></env:Envelope> | I.e. no http basic authentication. I've added <security-domain>java:/jaas/JBossWS</security-domain> to jboss-web.xml And the following to jboss-wsse-server.xml: | <jboss-ws-security> | <config> | <authorize> | <unchecked/> | </authorize> | </config> | </jboss-ws-security> | And i can now control access through the conf/props/jbossws-users.properties file. Without properly configured credentials I get a message saying: "The security token could not be authenticated or authorized." So everything seems to be ok this far. However, I've noticed that if I do: @Resource javax.xml.ws.WebServiceContext wsCtx; wsCtx.getUserPrincipal() will return null. Is this the expected result? View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4204724#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...