I have secured a web service with a userID/password as shown in http://community.jboss.org/thread/102811

If I use the correct userID/password, it works fine.  If I use an incorrect password and/or userID, I get the 404 error as I should.

However, if I don't pass anything, it works fine.  How can I have it force the code to pass a userID and password?