Martin Gainty;
Thanks for your response. I am dealing with a third-party server which I cannot modify. That server will accept a Security header with a UsernameToken and ""mustUnderstand" flag set. I have been able to send that message successfully and the server processes it.. Unfortunately the server also responds with a Security header containing a "mustUnderstand" flag set. The client program aborts when it encounters this response message. The client is a stand-alone Java program and I am constrained to use WSDL2JAVA for the stub and bound data objects, and RAMPART for the WS-Security processing. I can modify the stub as needed - in fact I had to do so to engage the RAMPART security module. AXIS2 appears to process the security headers before returning any message to the client - and aborts the program without returning the message when there is an unprocessed header, so the example in the Apache sample solution will not apply in my circumstances. I have written a custom handler per some other sample codes, but I cannot get it to engage. I don't know what is missing. Regards; -Mike Pettigrew
