Hello Justin ,
Can you see if you have added a empty <login-config/> element in web.xml of you application ?
As described in the documentation http://docs.oracle.com/cloud/CSJSU/dev_app.htm#CSJSU7094
Application deployed in Java Cloud Service are secured by default behind the perimeter security to protect their accidental exposure to public internet
When you clearly intent to expose the WebServices, WSDL's to internet you need to add an empty <login-config/> in web.xml.