Seldom you expose a webservice operation without a security attached to it..Let us see how we can attach the simple username token based authentication to the webservice we had created in our previous posts.
Checkout the code from below repository if you haven’t completed the previous exercises.
TAG : CUSTOM_METHOD_WEBSERVICE
Step 1: Select the CholaServiceImpl.java file in the navigator and on the property inspector open up the Webservices Extension section.Click and select a security policy.
Step 2: Select the oracle/wss_username_token_service_policy
Step 3: Confirm the security annotation is added
Now if you try to execute any operation in the webservice, it won’t allow you to execute without passing the username/password in the SOAP header.