You can apply basic realm security to your webservice. In the web.xml, you have to paste certain tags given below. Don’t apply the Basic Realm for GET. The client code makes a GET request to get the port. Apply Basic Realm for POST. The client code will put the authentication values in the headers as:
Calculator calculator = (new CalculatorService()).getCalculatorPort();
BindingProvider provider = (BindingProvider) calculator;
provider.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "navnit");
provider.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "leo");
The web.xml section is as below:
Protected Site
/*
DELETE
POST
PUT
CalculatorUser
BASIC
Example Basic Authentication
Test role
CalculatorUser
You also need to create a role in the tomcat-users.xml and a user/password.