Method org.apache.servicemix.soap.handlers.security.WSSecurityHandler.onAnswer() has no implementation! As a result one cannot perform any security operation (like XML-Encryption or XML-Signature) on the response message. The following config is used to sign the return soap message in a http bc consumer component. It has no effect as onAnswer() is not implemented. <http:policies> <soap:ws-addressing /> <soap:ws-security sendAction="Signature" receiveAction="" keystore="default" username="alice"> <soap:crypto> <bean class="org.apache.servicemix.soap.handlers.security.StandaloneCrypto"> <property name="keyStoreUrl" value="classpath:alice.jks" /> <property name="keyStorePassword" value="password" /> <property name="keyPassword" value="password"/> </bean> </soap:crypto> </soap:ws-security> </http:policies>