Remember that a single WSS installation is capable of protecting an arbitrary number of services. For each service you want to protect you have to create a so called "Enforcement Point" receiving all service requests for a protected service and authorizing access to it. To create, edit, and delete an Enforcement Point, you should use the WSS Management Application that is available through http://localhost:8080/wss (may differ depending on your actual server setup).
Click on Manage WSS to start the application. You have to log in with a tomcat user, that has the role "manager" (defined in <TOMCAT_INSTALL>\conf\tomcat-users.xml).
After you have successfully logged in, you get a list of all Enforcement Points of that WSS instance.
Add new Enforcement Point