I think you are supposed to use the Security button on the Namespaces/Categories page in this case. The username/PW filed page on the 1st page is only used to contact the WS to obtain a WSDL I believe (a step you bypass because you're providing the WSDL).
If you look at the source of the generated component, the username /PW you provide should be showing up in the code near the top if done correctly.