I don't know a lot of Eclipse tooling, but generally speaking you're responsible for setting the desired policy assertions in the wsdl (it's a contract first approach). I don't think the eclipse tooling has wizards for automatically creating the policy assertions of given security setups, but I might not be up-to-date here.