We need Smartcards Suppport for WSS signing and decrypting. Our Smartcards come with a dll which implements the PKCS#11 interface. Sun added a JCE Provider which can be used to integrate a PKCS#11 dll to the JDK/JRE (see http://java.sun.com/javase/6/docs/technotes/guides/security/p11guide.html\). The Sun PKCS#11 Provider makes it possible to access a PKCS#11 Token as a java.security.KeyStore.
Therefore, it should be possible to add PKCS#11 support for WSS by reusing most of the existing code. IMHO, the feature could be implemented so that the user can add a Keystore for a PKCS#11 dll on the "Project/SecurityConfiguration/Keystores" Tab.
The attached sample code demonstrates how to create a Keystore for a PKCS#11 dll and how to implement the password callback. The user should not be forced to store his smartcard password in the config.