In MZ's version 5 notes, p 111, about WS-Security, there is a statement:
"An intermediary on the message path may add one or more sub-elements to an existing security header block if they are targeted for the same SOAP node or it may add one or more new headers for additional targets".
I think it should be " ... or it may add one or more new header block for additional targets."
There should be no more than 1 header in a SOAPEnvelop. A header can have as many header blocks as you want.