If Rampart supports policy alternatives then this can be done easily. But Rampart does not.
Anyway - there is way we could still do it - by applying different policies to different bindings.
1.Add two different policies to the WSDL. For non-secured end point we use an empty policy as shown below.
2. Hand edit the WSDL and add a new binding element - which references the #NonSecure policy.
3. Hand edit the WSDL and add a new wsdl:port element - which references echoSoap12BindingNonsecured.
<wsdl:binding name="echoSoap12BindingNonsecured" type="ns:echoPortType">
<wsp:PolicyReference URI="#NonSecure" />
4. You can find the modified wsdl from here.
<wsdl:port name="echoHttpSoap12EndpointNonSecured" binding="ns:echoSoap12BindingNonsecured">
<soap12:address location="http://localhost:8080/axis2/services/echo.echoHttpSoap12EndpointNonSecured/" />
5.Now edit your services.xml with appropriate wsp:PolicyAttachment(s).
6.Modify the services.xml to useOrignalWSDL.
7.You can find the complete services.xml from here.
8.To invoke the secured end point use the EPR http://localhost:8080/axis2/services/echo.echoHttpSoap12Endpoint
9.To invoke the non-secured end point use the EPR http://localhost:8080/axis2/services/echo.echoHttpSoap12EndpointNonSecured
If you are not handling this type of a scenario properly at the application logic - then this is not a recommended approach.