MTOM, Axis2, WS-Security and signed attachements

I am working on a bug we have encountered in one of our web services开发者_开发问答. We are using Axis2 1.4.1 running on OC4J. The issues is that when sending multiple signed binary attachments to the service with MTOM, the service only gets one of the attachments. If I disable WS-Security and send the same request to the web service, all the attachments get through. This seems to only happen when MTOM "determines" the attachments are large enough to warrant breaking them out into separate MIME sections. If they are quite small, then MTOM just base64encodes them and leaves them inline and all data gets through.

All the request SOAP Xml is produced correctly. That is, all the multiple attachments are being sent to the service and all the MIME boundaries are present and all the XOP includes are in place, as I have snooped the requests with Eclipses TCP/IP Monitor and also with the output provided in SOAP Sonar.

Has anyone else run into an issues when trying to send signed content to an Axis2 web service?

I found the answer, sort of, on my own question after spelunking through many JIRA tickets on the AXIS2 JIRA. The fix, or work around actually, is described in AXIS2-4973. Using the method described, Axis2 seems to generate the code the parses multiple MTOM attachments correctly.