When an Oracle Tuxedo client calls a Web service, it actually calls the GWWS server that declares the Web service as an Oracle Tuxedo service. The user id and group id (defined in tpusr and tpgrp files) are sent to the GWWS. The GWWS then checks whether the Web service has a configuration item <Realm>. If it does, the GWWS:

• Tries to invoke the vtable gwws_pi_map_http_basic function to map the Oracle Tuxedo userid into the username and password for the HTTP Realm of the server.
• For successful calls, encodes the returned username and password with Base64 and sends it to the HTTP header field “Authorization: Basic”.
• For failed calls, returns a failure to the Oracle Tuxedo Client without invoking the Web service.