I have an EJB exposed as a Restful service. I want to use programmatic security in to get the principal name in my EJB just like what you have shown above. When I make a call for my restful service from a browser it should ask for username and password - like Basic Authentication. Can you help me with the configuration to achieve this effect? It seems very similar to the above example but I am not sure what I need to change.