Transport–Level Security

HTTP Basic Authentication

In the event it is not convenient to use WS-Security, it is possible to configure PPM to accept user credentials passed using HTTP basic authentication headers.

To enable HTTP basic authentication:

  1. Open the axis2.xml file for edit.

  2. Locate the InflowBasicAuth section.

  3. Change the value of Enforced to true.

  4. Save and close the axis2.xml file.

When HTTP basic authentication is enabled on the PPM Server, the credential carried in HTTP authentication header is authenticated against PPM users’ credentials.

Tip: When this mode is enabled, avoid duplication authentication by making sure that you have disabled message–level security, as described in Message–Level Security (WS-Security Specification).


To enable HTTPS, refer to the external Web server for details. To make a secure HTTPS connection from a Web service client, see the Web Services Programmer's Guide.