We are going to integrate Dynamics NAV 2013 with PHP eCommerce and are planning to do this by dynamics nav web services. I know that to integrate with PHP I have to enable NTLM authentication, but I'm wondering if is it possible to publish web service which doesn't require login/password authorization?
Second thing, if I want to allow only specified IP's to access my web service, is it possible to do this in Navision or it's server administrators problem?
The client consuming a Nav web service has to be authenticated and mapped to a system user account, but it is possible to authenticate via the user name and the corresponding web service access key instead of the domain password. Common approach is to create a user account that is used for web service access only, generate the web service access key, and pass this dedicated user's credentials from the consuming application. Client application will be required to provide the security certificate. Besides, it is a good idea to create a separate service instance specifically for external access (usually users connecting via WAN).
This way, all users connecting from your web application will be authenticated, but they won't have to enter user name / password and you don't risk exposing your domain account credentials.
As for your second question - there is no way to setup this restriction from inside Nav that I'm aware of. I think this is a task for sysadmins - firewall applications allow you to setup very elaborate access rules.