Encryption Field Not working when using web sevices. setContextID, setDisplayValue functions not working when using web service
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-10-2012 03:25 AM
Hi,
I am using a encryption field in my incident form.
When i'm updating the incident from service now UI, then the encrypted field is getting updated properly.
But, when I'm updating the same incident form via SOAP web services, the encrypted field is not getting updated.
I have used setContextID and setDisplayValue functions for that encryted field.
I think that setContextID is not working for web services.
kindly, let me know any workaround or any solution to this problem.
Thanks & Regards,
Santosh Sahoo
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎07-18-2012 09:07 AM
I am also seeing this issue and I am looking into it.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-03-2013 10:00 AM
Hi,
I am also facing the same issue.
The difference is I am trying to incorporate script into calculated box by checking calculated checkbox inside encrypted field's dictionary and the script doesn't work but the same script works for normal text box field.
Any idea on this?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎05-03-2013 10:36 AM
Hopefully this helps someone.
In dealing with the issue I had this is what I found and pieced together from the below wiki articles.
My incoming web services were being pushed off to a scheduler and the transform and process of that data was running as system.
Setting the value of an glide_encrypted field relies on a user to have a specific context. Not even admin can override this. When incoming web services came into my instance they ran as system. System is not a user with an encryption context.
Even when I impersonate users within the code I was prevented (as shown in the first wiki article here) from inheriting the encryption context.
http://wiki.servicenow.com/index.php?title=Encryption_Support_FAQ
http://wiki.servicenow.com/index.php?title=Encryption_Support_Plugin
http://wiki.servicenow.com/index.php?title=Encryption_Scripting
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-27-2014 06:35 PM
Chris, you're exactly right.
For security, this cannot be done.
Imports, scheduled reports, email processing, scheduled jobs and anything else that run "in the background" use impersonation (the real job runner is technically "system") and decryption is prevented in impersonated and non-interactive sessions due to security.
The best I could do in my attempts is get an odd value back when I used the "gs.getEncryptionContext()":
8f0810bddc29ad00faa533ccb739cec3:null // [sys_id_of_encryption_context]:null
All of my .getDisplayValue() calls returned blank.
See the Encryption Support FAQ wiki, section 1.8:
Import Sets run as user System. Therefore, import sets cannot add data to encrypted fields.