So we have an issue we cannot resolve. We have 3 web services. 2 need to use the security interceptor to take advantage of UsernameToken, the 3rd web service does not need to use the security interceptor. From what I understand we should be able to define multiple endpoint mappers, so this is what we have done:

Code:
<bean class="org.springframework.ws.server.endpoint.mapping.PayloadRootAnnotationMethodEndpointMapping">
        <description>
            Detects @PayloadRoot annotations on @Endpoint bean methods. The MarshallingSaleListEndpoint
            has such annotations. It uses two interceptors: one that logs the message payload, and the other validates
            it according to the schema files.
        </description>
        <property name="interceptors">
            <list>
                <bean class="org.springframework.ws.server.endpoint.interceptor.PayloadLoggingInterceptor"/>
                <bean class="org.springframework.ws.soap.server.endpoint.interceptor.PayloadValidatingInterceptor">
                    <property name="schemas">
                        <list>
                            <value>/WEB-INF/xsd/Lot.xsd</value>
                            <value>/WEB-INF/xsd/BidLimits.xsd</value>
                        </list>
                    </property>
                    <property name="validateRequest" value="false"/>
                    <property name="validateResponse" value="true"/>
                </bean>
                <ref bean="wsSecurityInterceptor"/>
            </list>
        </property>
        <property name="order" value="2"/>
    </bean>
    
    <bean class="org.springframework.ws.server.endpoint.mapping.PayloadRootAnnotationMethodEndpointMapping">
        <description>
            Detects @PayloadRoot annotations on @Endpoint bean methods. The MarshallingSaleListEndpoint
            has such annotations. It uses two interceptors: one that logs the message payload, and the other validates
            it according to the schema files.
        </description>
        <property name="interceptors">
            <list>
                <bean class="org.springframework.ws.server.endpoint.interceptor.PayloadLoggingInterceptor"/>
                <bean class="org.springframework.ws.soap.server.endpoint.interceptor.PayloadValidatingInterceptor">
                    <property name="schemas">
                        <list>
                            <value>/WEB-INF/xsd/ExportVerification.xsd</value>
                        </list>
                    </property>
                    <property name="validateRequest" value="false"/>
                    <property name="validateResponse" value="true"/>
                </bean>
            </list>
        </property>
        <property name="order" value="1"/>
    </bean>
Our issue is that when a web service call is processed that does not meet the requirements for the first mapping definition, it never falls through to check the second mapping (first, second based on "order"). What are we doing wrong?