How to disable web service authentication by sap-user string in url
I am publish some RFC function as webservice for my SAP AS ABAP, i set the authentication as basic. I can using http basic authentication to call the service and get the result. But it also accept passing user/password through the url string: http://localhost:8001/sap/bc/soap/wsdl11?services=BAPI_PO_CHANGE&sap-client=100&sap-user=myId&sap-password=myPassword
I want to disable this, make it no user/password through url string. Can anyone tell me how to do it, thanks.