we have switched the authentication method to "SSL Client Certificate" in an inbound communication arrangement in C4C.
However the web service can still be called in SoapUI by just using user/password as authentication method. The communication arrangement was saved and reactivated before.
Is this expected behavior? Actually we would like to disable user/password authentication and just allow client-certificate authentication.
Thank you for your advice.