Got a question on web services API authentication scheme on PLM4P 6.1.1. We are currently using "option 1" where the username/password is coded using SetupAssistant. In order to prevent just anyone in the company to obtain data through web services, we have to change the configuration to authenticate web service calls using individual username/password such as stated in the "option 2" per PLM4P EP guide and that requires a server certificate to be created to encrypt the communication. Is it possible to implement "option 2" without creating a certificate so the communication is done via "http" but the caller will have to supply an username/password?
Currently PLM4P API only support message level encryption with cert. The API is built based on WCF technology. HTTPBasic authentication is not officially supported by WCF, you need to make some customization on WCF and config it in the API framework.
Go ahead to make some research on this, it is not a quite hard mission.