no i didnt, but i did add the following to my webservices.xml <handler> | <handler-name>WSSecurityHandlerInbound</handler-name> | <handler-class>org.jboss.ws.wsse.WSSecurityHandlerInbound</handler-class> | </handler> Does this not do the same. The signature the message is signed with is verified in the server before the message is processed. I have tested this by resending an altered message with TCPMON and it throws a security exception when i do. Does this not mean that security is enabled? Brian
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3981253#3981253 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3981253 _______________________________________________ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user