When I create a CMIS session using SessionFactory.createSession(), how is the password sent to the server - is it sent in clear text, hashed, does it depend on the protocol (AtomPub vs. Web Service)? Just trying to figure out how secure it is between OpenCMIS and the server.
Thanks. Naresh
