Credentials should only be passed in plain-text if the connection is secured via SSL. Passing credentials in this manner allows the portal to consume an existing web application.
EncryptionType Class | Plumtree.Remote.Portlet Namespace