Any idea how I can implement this?
Will it strip off the ws-security header that is coming in or forward them to next call in line? If I have correct 'actor' specified in the security header, will it honor that setting?
Because BPEL is binding agnostic, a portable process should only access bound SOAP headers (refer to the JBossWS user guide for an explanation of bound headers). This applies to services either consumed or provided by the process.
However, at the moment jBPM does not process SOAP headers. This already appears in our roadmap as BPEL-168.