In SWS-549, the exceptionHandler property was introduced into the AbstractWSSecurityInterceptor.
This creates an inconsistency with the overall exceptionhandling architecture in Spring WS.
Instead of introducing the EndpointExceptionResolver in this Interceptor, would it not be better to just let the exception flow up to the MessageDispatcher, where the resolvers already are configured (with sensible defaults)
And as this is not documented anywhere unlike the exception resolving in the MessageDispatcher (http://static.springsource.org/spring-ws/sites/1.5/reference/html/server.html#server-endpoint-exception-resolver), it is too easy to miss out on or forget this extra configuration step.
In my opinion this could be done for both the client and endpoint handleRequest/handleResponse methods by just removing the catch clauses.
I would be happy to contribute a patch for this if needed.