I have added an interceptor on my spring clients application context
<bean id="wss4jSecurityInterceptor"
class="org.springframework.ws.soap.security.wss4j.Wss4jSecurityInterceptor">
<property name="securementActions" value="UsernameToken" />
<property name="securementUsername" value="user" />
<property name="securementPassword" value="password" />
<property name="validationCallbackHandler" ref="callbackHandler" />
</bean>