You should either protect the service only (allowing unauthenticated access to the wsdl contract, for example using secureWSDLAccess=false in your @WebContext annotation) or let your client consume a local copy of the wsdl you previously downloaded manually providing username & password. Please note that this also increase performance. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4119279#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...