This document presents a practical approach of how to use WSS4J to add simple security headers to both client and web service implemented with Axis 1.*
Did you get the error in the title? This is a very common occurrence in JSF (Java Server Faces) applications. It is easy to get and easy to get rid off, you just have to be careful.